-----BEGIN PGP PUBLIC KEY BLOCK-----
xsDNBGIl7V0BDAC+6Rrs/dA9eDfxCA5DutvqKqSxwodFEgiMxDLnR0OSrwlYgTFh
X+OChdT+L0AyBJsjfsrWByRCm/Eky6JE9QtnmDpusvrYwXmVm/Whe/0W+qJ6rzzU
sL0GkZoOUt2JhTdYcJ1o2A+J3RgXUuXUENMrpFhUwwpu7YOaMgCrno64C4wBgK55
KDUCd6i5bM26P4csLNjRO4+qJj4m3Hve/iJgpb510XI3aS4azY/Rm+iXGrlGMi9T
PGEDcsjoO3zT7v3l0EA5SEhpbXBHOGy94vRcMBYuUZqhwfa8Mi/h1uTtTHmT/+1f
7eWoO0tPssex6mWIodZo1epKIfjhbW63C571XIB0ZIuqfChj4k5dgthUqeJXpRDl
v3l2wd5HYzbGu3Ie37PodIeocnTa2C/o6PvN+wA4+BYWgZXCdCA5TqVrM+HCwzmF
Guc6ALYNklgpxas/4ZP6tcQxMgU8oBQ1+3Ufef46iP/jo9CvFRQ5JystLhHLfVpm
BgcILk2rYwwWjE0AEQEAAc1ARGF2aWQgRmVybmFuZGV6IEdvbnphbGV6IDxkYXZp
ZC5mZXJuYW5kZXpnb256YWxlekBjYW5vbmljYWwuY29tPsLBFAQTAQoAPhYhBIhm
zS6qttOZ5NIT3RltQSE48z9kBQJiJe1dAhsDBQkDwmcABQsJCAcDBRUKCQgLBRYC
AwEAAh4BAheAAAoJEBltQSE48z9kbG0MALnqt1PxxnNeDW11/d8nV66k/rweAfYT
TqzJ0ikuNDh94AdeuLCsOLfMk64d3KMyswD+i8CaFhkKv2kIlD/QzOku3PBUo4PP
+NxKWzCWYG3ZcGApgdhr+y7G59ZvuKxO0xxzbRIQmcnAl1qr6PvHpaSQJ/w1eKMl
GTVX5PvZNxVvg3TZ6NQhX1n2gIeqCYo4C9e9aIYCk8w4Gu6NyMiUBuy0ybMkz9JL
X4wEeRc2aGuWtSAnOayqTyDpleVy0qCH7tufh1ZL0gNFN8UJptivtmVSjNh5nPwU
x+a42iTjU3uVUGZ/UdtTOpruXHAX0zporXYXNFzZUG82Um7mYB8ETx1EribDG7TC
ktYEA+XBkfZ6JhGeeKMsLt5GmcfXB/+EoKUZjSsx94kqFNAQe6X4Y/158tZ8Gt3J
k2Aj/VBZK7lSbFjIB/jdf6ydhwLRIXsAlVx8i2NYa3SxLZMfKaet8LA/y+GNZxnj
GCdRT9eEJOZ62VETYwd+pAPW5BamUv8kW87AzQRiJe1dAQwAp0ywqyunvK5Iwn7T
x+tzixODvTgwMc+uNrH3o6+Ra6+Bn+YLmuuOwiScRb+sSErXoDz/LgLF0oIB2ZIs
Be+FT0m/eUY3xLiGF8L9DvrRSmePyiiml9rrd1wduuhg6hQw6/ef08WayVEzFWCF
63sqQk18ZKatP3WnOhSd0OT5xOXcW2//NJwFni+cjfnYuUMpVNodCwFQJtEeYSZz
zxVEJd4AtfM/ynGznPyYIsybt+fUhDvVEI+neWflpLk9jrJ1XIAhObEWkmgH9KQ3
5VGN7aLVBkxdbz2yCM4Auz8+DnDyksxuvZ3wcsM/eyIPFoBLrh3xNLOrERNqjPR3
MSnEGkt3+dkiQ5LbcvOpittix8Ycc6qdYYL6Gfy4Lfr/VZUWeGrGsVc79C+aqQUe
1dJkqGMTk9CRNaGxUlSyQ5ylcyoNlLusPGO/3zPGBIY7fOlqTVR7LFmfyxHcoCmg
EqXxhooeJn2PmTOY6E2Ap5ViYr8akucmO6GPJxHXqgW7qNDdABEBAAHCwPwEGAEK
ACYWIQSIZs0uqrbTmeTSE90ZbUEhOPM/ZAUCYiXtXQIbDAUJA8JnAAAKCRAZbUEh
OPM/ZODXDACkYliQ7r5w5IbBniu2axcW5j3PGd+G9Cm90oirsd9v35qRxErYXwbP
b79gBTMxHGgw+4mIz3F2mzzynZ11joW+0Zr8Vgr3BKSNBS5hz9NfcwkdiubkGsoj
jhruNUFtQqBNyQIJh9CfECXq2puYY7H6lu13bBNb49TY6XzyvOni2A5WntQqN+Ap
/RkxkLIGnBwi4p06OYs9Atda8IrMv0zXxlzRNEqk1cniNsSyRWHruVvN6nhVuvwF
sNM6z7F48B8tTh3iKludMPVL5YgGQeVtN3rXOwPCq3f9Y6G67eJxs7HhQYtuj7Gn
c3porYgLw2xOh6BOa6dWby0/adS79+FdycEtlNRKlrLMneEL2Sk1zrKVd0uF96yX
VOS0nAHllLod67uFgjT85P2MZWN7dPD6jAhv9rOq9cgOCKB+ulACePOpoXDFzgND
w5FGDbZtHYnLrJWyyqnas4ms4pnmJsnHAyDBWYS8a6j82D7NSx/7MrH6bAFl18zK
7/zNmhJ06VU=
=JWgW
-----END PGP PUBLIC KEY BLOCK-----
==========================================================================
Ubuntu Security Notice USN-5331-2
April 11, 2022
tcpdump vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in tcpdump.
Software Description:
- tcpdump: command-line network traffic analyzer
Details:
USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that tcpdump incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2018-16301)
It was discovered that tcpdump incorrectly handled certain captured data.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8037)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
tcpdump 4.9.3-4ubuntu0.1
Ubuntu 18.04 LTS:
tcpdump 4.9.3-0ubuntu0.18.04.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5331-2
https://ubuntu.com/security/notices/USN-5331-1
CVE-2018-16301, CVE-2020-8037
Package Information:
https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-4ubuntu0.1
https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.18.04.2
No comments:
Post a Comment