CVE-2020-8037

Beschreibung:
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

CWE: CWE-770

CVSS-Bewertung
CVSS 2: MEDIUM – 5 (Version: 2.0)
CVSS 3: HIGH – 7.5 (Version: 3.1)

Links:

NVD – CVE-2020-8037
CVE – CVE-2020-8037

Link (max. 20) Quelle Tags
https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231 MISC Patch Third Party Advisory Third Party Advisory
[debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update MLIST Mailing List Third Party Advisory
FEDORA-2020-fae2e1f2bc FEDORA Mailing List Third Party Advisory Vendor Advisory
FEDORA-2020-c5e78886d6 FEDORA Mailing List Third Party Advisory
https://support.apple.com/kb/HT212327 CONFIRM Third Party Advisory Patch Vendor Advisory
https://support.apple.com/kb/HT212326 CONFIRM Third Party Advisory Patch Vendor Advisory
https://support.apple.com/kb/HT212325 CONFIRM Third Party Advisory Vendor Advisory
20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina FULLDISC Mailing List Third Party Advisory
[shiro-dev] 20210504 Re: Request for assistance to backport CVE-2020-13933 fix MLIST Exploit Mailing List Vendor Advisory

Quelle: NVD – CVE-2020-8037
Datum Veröffentlichung: 2020-11-04T18:15Z, Datum letzte Änderung: 2021-05-05T13:12Z