Security update for tcpdump SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2875-1 Final 1 1 2017-10-27T18:41:57Z current 2017-10-27T18:41:57Z 2017-10-27T18:41:57Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tcpdump This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed: - CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247). - CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247). - CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247) - CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247). - CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247). - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247) - CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247) - CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247) - CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247) - CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247) - CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247) - CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247) - CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247) - CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247) - CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247) - CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247) - CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247) - CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247) - CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247) - CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247) - CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247) - CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247) - Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247) This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html E-Mail link for openSUSE-SU-2017:2875-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 tcpdump-4.9.2-9.1 tcpdump-4.9.2-9.1 as a component of openSUSE Leap 42.2 tcpdump-4.9.2-9.1 as a component of openSUSE Leap 42.3 tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. CVE-2017-11108 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-11108.html CVE-2017-11108 https://bugzilla.suse.com/1047873 SUSE Bug 1047873 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. CVE-2017-11541 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-11541.html CVE-2017-11541 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. CVE-2017-11542 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-11542.html CVE-2017-11542 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. CVE-2017-11543 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-11543.html CVE-2017-11543 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). CVE-2017-12893 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12893.html CVE-2017-12893 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). CVE-2017-12894 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12894.html CVE-2017-12894 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). CVE-2017-12895 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12895.html CVE-2017-12895 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). CVE-2017-12896 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12896.html CVE-2017-12896 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). CVE-2017-12897 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12897.html CVE-2017-12897 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). CVE-2017-12898 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12898.html CVE-2017-12898 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). CVE-2017-12899 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12899.html CVE-2017-12899 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). CVE-2017-12900 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12900.html CVE-2017-12900 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). CVE-2017-12901 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12901.html CVE-2017-12901 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. CVE-2017-12902 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12902.html CVE-2017-12902 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). CVE-2017-12985 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12985.html CVE-2017-12985 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). CVE-2017-12986 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12986.html CVE-2017-12986 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). CVE-2017-12987 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12987.html CVE-2017-12987 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse(). CVE-2017-12988 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12988.html CVE-2017-12988 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length(). CVE-2017-12989 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12989.html CVE-2017-12989 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. CVE-2017-12990 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12990.html CVE-2017-12990 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). CVE-2017-12991 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12991.html CVE-2017-12991 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print(). CVE-2017-12992 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12992.html CVE-2017-12992 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. CVE-2017-12993 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12993.html CVE-2017-12993 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). CVE-2017-12994 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12994.html CVE-2017-12994 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print(). CVE-2017-12995 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12995.html CVE-2017-12995 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). CVE-2017-12996 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12996.html CVE-2017-12996 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print(). CVE-2017-12997 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12997.html CVE-2017-12997 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach(). CVE-2017-12998 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12998.html CVE-2017-12998 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print(). CVE-2017-12999 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-12999.html CVE-2017-12999 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print(). CVE-2017-13000 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13000.html CVE-2017-13000 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh(). CVE-2017-13001 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13001.html CVE-2017-13001 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension(). CVE-2017-13002 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13002.html CVE-2017-13002 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). CVE-2017-13003 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13003.html CVE-2017-13003 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header(). CVE-2017-13004 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13004.html CVE-2017-13004 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter(). CVE-2017-13005 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13005.html CVE-2017-13005 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions. CVE-2017-13006 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13006.html CVE-2017-13006 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print(). CVE-2017-13007 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13007.html CVE-2017-13007 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). CVE-2017-13008 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13008.html CVE-2017-13008 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print(). CVE-2017-13009 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13009.html CVE-2017-13009 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart(). CVE-2017-13010 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13010.html CVE-2017-13010 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal(). CVE-2017-13011 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13011.html CVE-2017-13011 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 https://bugzilla.suse.com/1123142 SUSE Bug 1123142 The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). CVE-2017-13012 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13012.html CVE-2017-13012 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions. CVE-2017-13013 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13013.html CVE-2017-13013 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. CVE-2017-13014 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13014.html CVE-2017-13014 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print(). CVE-2017-13015 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13015.html CVE-2017-13015 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). CVE-2017-13016 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13016.html CVE-2017-13016 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print(). CVE-2017-13017 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13017.html CVE-2017-13017 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). CVE-2017-13018 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13018.html CVE-2017-13018 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). CVE-2017-13019 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13019.html CVE-2017-13019 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). CVE-2017-13020 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13020.html CVE-2017-13020 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print(). CVE-2017-13021 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13021.html CVE-2017-13021 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). CVE-2017-13022 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13022.html CVE-2017-13022 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). CVE-2017-13023 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13023.html CVE-2017-13023 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). CVE-2017-13024 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13024.html CVE-2017-13024 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). CVE-2017-13025 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13025.html CVE-2017-13025 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions. CVE-2017-13026 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13026.html CVE-2017-13026 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). CVE-2017-13027 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13027.html CVE-2017-13027 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). CVE-2017-13028 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13028.html CVE-2017-13028 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options(). CVE-2017-13029 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13029.html CVE-2017-13029 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions. CVE-2017-13030 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13030.html CVE-2017-13030 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). CVE-2017-13031 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13031.html CVE-2017-13031 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string(). CVE-2017-13032 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13032.html CVE-2017-13032 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). CVE-2017-13033 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13033.html CVE-2017-13033 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). CVE-2017-13034 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13034.html CVE-2017-13034 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). CVE-2017-13035 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13035.html CVE-2017-13035 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). CVE-2017-13036 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13036.html CVE-2017-13036 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). CVE-2017-13037 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13037.html CVE-2017-13037 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). CVE-2017-13038 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13038.html CVE-2017-13038 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. CVE-2017-13039 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13039.html CVE-2017-13039 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. CVE-2017-13040 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13040.html CVE-2017-13040 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). CVE-2017-13041 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13041.html CVE-2017-13041 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print(). CVE-2017-13042 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13042.html CVE-2017-13042 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn(). CVE-2017-13043 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13043.html CVE-2017-13043 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print(). CVE-2017-13044 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13044.html CVE-2017-13044 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). CVE-2017-13045 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13045.html CVE-2017-13045 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). CVE-2017-13046 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13046.html CVE-2017-13046 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). CVE-2017-13047 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13047.html CVE-2017-13047 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). CVE-2017-13048 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13048.html CVE-2017-13048 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). CVE-2017-13049 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13049.html CVE-2017-13049 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). CVE-2017-13050 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13050.html CVE-2017-13050 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). CVE-2017-13051 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13051.html CVE-2017-13051 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). CVE-2017-13052 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13052.html CVE-2017-13052 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). CVE-2017-13053 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13053.html CVE-2017-13053 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). CVE-2017-13054 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13054.html CVE-2017-13054 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). CVE-2017-13055 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13055.html CVE-2017-13055 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). CVE-2017-13687 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13687.html CVE-2017-13687 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). CVE-2017-13688 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13688.html CVE-2017-13688 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print(). CVE-2017-13689 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13689.html CVE-2017-13689 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions. CVE-2017-13690 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13690.html CVE-2017-13690 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247 The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print(). CVE-2017-13725 openSUSE Leap 42.2:tcpdump-4.9.2-9.1 openSUSE Leap 42.3:tcpdump-4.9.2-9.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00093.html https://www.suse.com/security/cve/CVE-2017-13725.html CVE-2017-13725 https://bugzilla.suse.com/1050219 SUSE Bug 1050219 https://bugzilla.suse.com/1050222 SUSE Bug 1050222 https://bugzilla.suse.com/1050225 SUSE Bug 1050225 https://bugzilla.suse.com/1057247 SUSE Bug 1057247