Red Hat Security Advisory 2017-1871-01 - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. The following packages have been upgraded to a later upstream version: tcpdump. Security Fix: Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode which could cause it to display incorrect data, crash or enter an infinite loop.
543ecbee65f5ca3dd083ab9fb102943ec0f4ab45e0c6b83beeec67475a6e0ba9
Apple Security Advisory 2017-03-27-3 - macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address multiple vulnerabilities.
54a3d5f1eafce35231db5001f3683c3b0fd1ddc198a138e24dfe71082667f5b2
Ubuntu Security Notice 3205-1 - It was discovered that tcpdump incorrectly handled certain packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the tcpdump AppArmor profile.
30c55c729f07bfaa1b16d49c845bf6d64d4efd53025ee7972977d681ade99797
Gentoo Linux Security Advisory 201702-30 - Multiple vulnerabilities have been found in tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.0 are affected.
8ffc74e2fe431b4a341286028ece8f05c252e71a23beb25c97a02328f1ab7903
Slackware Security Advisory - New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. NOTE: These updates also require the updated libpcap package.
9454d9680fcc638d5ac0de8c9586334e96801a03b7486c3e6272564e49872202