Issued:: 2017-08-01
Updated:: 2017-08-01

RHSA-2017:1871 - Moderate: tcpdump security, bug fix, and enhancement update

Synopsis

Moderate: tcpdump security, bug fix, and enhancement update

Type/Severity

Security Advisory Moderate

Topic

An update for tcpdump is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.

The following packages have been upgraded to a later upstream version: tcpdump (4.9.0). (BZ#1422473)

Security Fix(es):

Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which could cause it to display incorrect data, crash or enter an infinite loop. (CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155, CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486)

Red Hat would like to thank the Tcpdump project for reporting CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, and CVE-2017-5486.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Product	Version	Arch
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions	7.7	x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions	7.6	x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions	7.4	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support	7.7	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support	7.6	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support	7.5	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support	7.4	x86_64
Red Hat Enterprise Linux for Scientific Computing	7	x86_64
Red Hat Enterprise Linux for Power, little endian	7	ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support	7.7	ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support	7.6	ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support	7.5	ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support	7.4	ppc64le
Red Hat Enterprise Linux for Power, big endian	7	ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support	7.7	ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support	7.6	ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support	7.5	ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support	7.4	ppc64
Red Hat Enterprise Linux for IBM z Systems	7	s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support	7.7	s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support	7.6	s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support	7.5	s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support	7.4	s390x
Red Hat Enterprise Linux Workstation	7	x86_64
Red Hat Enterprise Linux Server	7	x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions	7.7	ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions	7.6	ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions	7.4	ppc64le
Red Hat Enterprise Linux Server - TUS	7.7	x86_64
Red Hat Enterprise Linux Server - TUS	7.6	x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support	7	x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian	7	ppc64le
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian	7	ppc64
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)	7	s390x
Red Hat Enterprise Linux Server - AUS	7.7	x86_64
Red Hat Enterprise Linux Server - AUS	7.6	x86_64
Red Hat Enterprise Linux Server - AUS	7.4	x86_64
Red Hat Enterprise Linux EUS Compute Node	7.7	x86_64
Red Hat Enterprise Linux EUS Compute Node	7.6	x86_64
Red Hat Enterprise Linux EUS Compute Node	7.5	x86_64
Red Hat Enterprise Linux EUS Compute Node	7.4	x86_64
Red Hat Enterprise Linux Desktop	7	x86_64

Updated Packages

tcpdump-debuginfo-4.9.0-5.el7.aarch64.rpm
tcpdump-debuginfo-4.9.0-5.el7.s390x.rpm
tcpdump-debuginfo-4.9.0-5.el7.x86_64.rpm
tcpdump-4.9.0-5.el7.s390x.rpm
tcpdump-4.9.0-5.el7.ppc64.rpm
tcpdump-debuginfo-4.9.0-5.el7.ppc64le.rpm
tcpdump-4.9.0-5.el7.x86_64.rpm
tcpdump-debuginfo-4.9.0-5.el7.ppc64.rpm
tcpdump-4.9.0-5.el7.ppc64le.rpm
tcpdump-4.9.0-5.el7.src.rpm
tcpdump-4.9.0-5.el7.aarch64.rpm

Fixes

CVEs

CVE-2015-0261
CVE-2015-2153
CVE-2015-2154
CVE-2015-2155
CVE-2016-7922
CVE-2016-7923
CVE-2016-7924
CVE-2016-7925
CVE-2016-7926
CVE-2016-7927
CVE-2016-7928
CVE-2016-7929
CVE-2016-7930
CVE-2016-7931
CVE-2016-7932
CVE-2016-7933
CVE-2016-7934
CVE-2016-7935
CVE-2016-7936
CVE-2016-7937
CVE-2016-7938
CVE-2016-7939
CVE-2016-7940
CVE-2016-7973
CVE-2016-7974
CVE-2016-7975
CVE-2016-7983
CVE-2016-7984
CVE-2016-7985
CVE-2016-7986
CVE-2016-7992
CVE-2016-7993
CVE-2016-8574
CVE-2016-8575
CVE-2017-5202
CVE-2017-5203
CVE-2017-5204
CVE-2017-5205
CVE-2017-5341
CVE-2017-5342
CVE-2017-5482
CVE-2017-5483
CVE-2017-5484
CVE-2017-5485
CVE-2017-5486

References

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.