========================================================================== Ubuntu Security Notice USN-5331-2 April 11, 2022
tcpdump vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in tcpdump. Software Description: - tcpdump: command-line network traffic analyzer Details: USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-16301) It was discovered that tcpdump incorrectly handled certain captured data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8037) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: tcpdump 4.9.3-4ubuntu0.1 Ubuntu 18.04 LTS: tcpdump 4.9.3-0ubuntu0.18.04.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5331-2 https://ubuntu.com/security/notices/USN-5331-1 CVE-2018-16301, CVE-2020-8037 Package Information: https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-4ubuntu0.1 https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.18.04.2
OpenPGP_0x196D412138F33F64.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
