Bug 23538 - tcpflow new security issue CVE-2018-14938
Summary: tcpflow new security issue CVE-2018-14938
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
Whiteboard: MGA6-64-OK
Keywords: advisory, validated_update
Depends on:
Reported: 2018-09-07 19:28 CEST by David Walser
Modified: 2018-10-19 20:02 CEST (History)
10 users (show)

See Also:
Source RPM: tcpflow-1.4.4-4.mga6.src.rpm
CVE: CVE-2018-14938
Status comment:


Description David Walser 2018-09-07 19:28:07 CEST
Fedora has issued an advisory on September 6:

Mageia 5 is also affected.
Comment 1 David Walser 2018-09-07 19:28:21 CEST
The issue is fixed upstream in 1.5.0.
Comment 2 Marja Van Waes 2018-09-08 13:20:01 CEST
Assigning to all packagers collectively, since there is no registered maintainer for this package.

CC'ing three pretty recent committers, and fedya who once imported this package.

@ fedya

Just in case you find time again to contribute & learn to now become a full packager: if your password wasn't reset since the end of February, then a sysadmin needs to reset it first.
If the ssh key that you used to commit is a dsa key, then a sysadmin needs to
replace your public key in identity with the public rsa key that you provide to

You can privately mail all our sysadmins by sending a mail to sysadmin AT group
DOT mageia DOT org :-)

CC: (none) => alexander, cjw, geiger.david68210, guillomovitch, marja11
Assignee: bugsquad => pkg-bugs

Comment 3 Mike Rambo 2018-10-16 18:03:44 CEST
Updated package uploaded for Mageia 6.


Updated tcpflow package fixes security vulnerability:

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory or a denial of service (CVE-2018-14938).


Updated packages in core/updates_testing:

from tcpflow-1.5.0-1.mga6.src.rpm

CC: (none) => mrambo
Assignee: pkg-bugs => qa-bugs
CVE: (none) => CVE-2018-14938

Comment 4 PC LX 2018-10-18 17:16:34 CEST
Installed and tested without issues.

Tests included capturing HTTP(S), IMAP(S), POP3(S), MySQL to files or terminal. The output seems correct.

System: Mageia 6, x86_64, Intel CPU.

$ uname -a
Linux marte 4.14.70-desktop-2.mga6 #1 SMP Thu Sep 20 22:05:46 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ lspcidrake | grep NET
r8169           : Realtek Semiconductor Co., Ltd.|RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [NETWORK_ETHERNET] (rev: 02)
$ rpm -q tcpflow
$ tcpflow -a -i lo
reportfilename: ./report.xml
tcpflow: listening on lo
$ tcpflow -a
reportfilename: ./report.xml
tcpflow: listening on enp2s0

CC: (none) => mageia
Whiteboard: (none) => MGA6-64-OK

Comment 5 Thomas Andrews 2018-10-18 22:59:37 CEST
Validating. Suggested advisory in Comment 3.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Thomas Backlund 2018-10-19 18:01:43 CEST

CC: (none) => tmb
Keywords: (none) => advisory

Comment 6 Mageia Robot 2018-10-19 20:02:01 CEST
An update for this issue has been pushed to the Mageia Updates repository.


Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.