tcpdump-4.9.3-2.el8

エラータID: AXSA:2021-2659:02

Release date: 
Sunday, December 12, 2021 - 07:45
Subject: 
tcpdump-4.9.3-2.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Low
Description: 

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.

Security Fix(es):

* tcpdump: ppp decapsulator can be convinced to allocate a large amount of memory (CVE-2020-8037)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-8037
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. tcpdump-4.9.3-2.el8.src.rpm
    MD5: 2b27db1ac47b7fe0c48808db6c7e2c49
    SHA-256: 210ce836bf4fbaaaf232054224d3c2c680b75a7b7c0a669f5b6d0cb2a12bd1d4
    Size: 1.93 MB

Asianux Server 8 for x86_64
  1. tcpdump-4.9.3-2.el8.x86_64.rpm
    MD5: 0fc177ebad2680e0374eba4623e84662
    SHA-256: 4719b24a8d76747ec1627affe3ae9a4ddf960177045613cc0664e585a1cff78c
    Size: 451.18 kB