Advisories » MGASA-2014-0511

Updated tcpdump package fixes security vulnerability

Publication date: 05 Dec 2014
Modification date: 05 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9140

Description

It was discovered that tcpdump incorrectly handled printing PPP packets. A
remote attacker could use this issue to cause tcpdump to crash, resulting
in a denial of service, or possibly execute arbitrary code
(CVE-2014-9140).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14728
• http://www.ubuntu.com/usn/usn-2433-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140

SRPMS

4/core

• tcpdump-4.4.0-2.2.mga4