sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
08 Apr 2022, 13:27
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/ - Mailing List, Third Party Advisory | |
References | (N/A) https://www.oracle.com/security-alerts/cpuapr2020.html - Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT210785 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/ - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT210789 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/10/msg00031.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT210790 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4221-1/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/12/msg00014.html - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2019/Dec/26 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00052.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/ - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4221-2/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT210788 - Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Dec/23 - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:apple:iphone_os:13.3:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.2:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-007:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:* cpe:2.3:o:apple:ipados:13.3:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:o:apple:watchos:6.1.1:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:13.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* |
26 Dec 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-10-03 19:15
Updated : 2024-02-04 20:39
NVD link : CVE-2019-15165
Mitre link : CVE-2019-15165
CVE.ORG link : CVE-2019-15165
JSON object : View
Products Affected
apple
- ipados
- iphone_os
- watchos
- mac_os_x
- tvos
debian
- debian_linux
fedoraproject
- fedora
canonical
- ubuntu_linux
opensuse
- leap
tcpdump
- libpcap
oracle
- communications_operations_monitor
CWE
CWE-770
Allocation of Resources Without Limits or Throttling