| Summary: | tcpdump new security issue CVE-2020-8037 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | herman.viaene, mageia, nicolas.salguero, ouaurelien, sysadmin-bugs |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | tcpdump-4.9.3-1.mga7.src.rpm | CVE: | CVE-2020-8037 |
| Status comment: | |||
|
Description
David Walser
2020-11-11 00:41:32 CET
David Walser
2020-11-11 00:41:38 CET
Whiteboard:
(none) =>
MGA7TOO A homeless package, so having to assign the bug globally. Assignee:
bugsquad =>
pkg-bugs Suggested advisory: ======================== The updated package fixes a security vulnerability: The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. (CVE-2020-8037) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8037 https://www.debian.org/lts/security/2020/dla-2444 ======================== Updated packages in core/updates_testing: ======================== tcpdump-4.9.3-1.1.mga7 from SRPM: tcpdump-4.9.3-1.1.mga7.src.rpm Whiteboard:
MGA7TOO =>
(none) Installed and tested without issues. System: Mageia 6, x86_64, Intel CPU, RTL8168g ethernet, Wireguard VPN. Tested several commands taken from the manual page. No issues noticed. $ uname -a Linux marte 5.7.19-desktop-3.mga7 #1 SMP Sun Oct 18 15:46:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ lspcidrake | grep NET r8169 : Realtek Semiconductor Co., Ltd.|RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [NETWORK_ETHERNET] (rev: 11) $ dmesg | grep -i rtl [ 24.477717] r8169 0000:01:00.0 eth0: RTL8168g/8111g, 70:85:c2:c7:15:b2, XID 4c0, IRQ 28 $ rpm -q tcpdump tcpdump-4.9.3-1.1.mga7 $ ping -4q localhost & $ ping -6q localhost & $ tcpdump host localhost -i lo tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes 13:00:10.555251 IP6 localhost > localhost: ICMP6, echo request, seq 4, length 64 13:00:10.555269 IP6 localhost > localhost: ICMP6, echo reply, seq 4, length 64 13:00:11.323252 IP localhost > localhost: ICMP echo request, id 2276, seq 9, length 64 13:00:11.323273 IP localhost > localhost: ICMP echo reply, id 2276, seq 9, length 64 <SNIP> CC:
(none) =>
mageia MGA7-64 MATE on Peaq C1011 No installation issues Repeated above tests $ ping -4q localhost & [1] 1658 PING localhost (127.0.0.1) 56(84) bytes of data. $ ping -6q localhost & [2] 1693 PING localhost(localhost (::1)) 56 data bytes # tcpdump host localhost -i lo tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes 15:20:48.991640 IP6 localhost > localhost: ICMP6, echo request, seq 82, length 64 15:20:48.991739 IP6 localhost > localhost: ICMP6, echo reply, seq 82, length 64 15:20:49.119594 IP localhost > localhost: ICMP echo request, id 1658, seq 114, length 64 15:20:49.119686 IP localhost > localhost: ICMP echo reply, id 1658, seq 114, length 64 and loads more ...... Seems OK CC:
(none) =>
herman.viaene Validating. Advisory and packages in Comment 2. Advisory pushed to SVN. Keywords:
(none) =>
advisory, validated_update An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0430.html Status:
ASSIGNED =>
RESOLVED |