{"id":"CVE-2017-12990","details":"The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.","modified":"2026-04-16T06:17:26.328244690Z","published":"2017-09-14T06:29:00.763Z","related":["SUSE-SU-2017:2854-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1039307"},{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"993a67c8e648bc8b19881e29a60f41273cfbee7b"},{"fixed":"c2ef693866beae071a24b45c49f9674af1df4028"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9.1"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0","tcpdump-4.9.0-bp","tcpdump-4.9.1"],"database_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"ikev2_auth_print","file":"print-isakmp.c"},"id":"CVE-2017-12990-24a2a8de","source":"https://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028","digest":{"length":1043,"function_hash":"115386138351415520286796462380944916316"}},{"deprecated":false,"signature_version":"v1","source":"https://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028","target":{"function":"ikev2_n_print","file":"print-isakmp.c"},"signature_type":"Function","id":"CVE-2017-12990-3154b75f","digest":{"length":3806,"function_hash":"135528459325260396769839432718121901881"}},{"signature_version":"v1","digest":{"line_hashes":["290462555895004016866948517356051648147","89624409826274216907983197818881632032","25522199540556269906142565267920571490","81829548745373252265118418126054519950","42183337102235695878820322402416169651","82663399605863261895491945769008957199","116376208560642454811933695031488491937","26991910271183248959422571194610148734","127598910923228103203798572803773465756","306135950345839942287275219486072544244","37316247343794070236664375271383662600","6077323587470533647910911313566670210","38804240083716183205874323492977953144","231490211603525129655803543515141854319","105119597318709601360804334155102019790","125403493055943588985942531668192261717","245890626480192462248380237185819955341","44538377327549397314754586634759596489","206699329603529664667425512677700195159","113716689028375180826886024450856351474","246840261924814458302392987849995896409","82872901424156790579268837971709544382","142970502551953408673493522138098210407","279024534277295372869348389481854383672","221484630280962293595124354575519504576","213424374933777803177173227450006401314","35336471180922286409569020892578582369","270183533078719932307837232384324518605","133064292411389829395894389035198776306","171401995158303400488483894450341317334","229902248924178232417418180391895340061","169188938545912708376544581069913235560","183227530681510187348305526318717865151","13460730083353055768746205618244951799","1135388276679065957211882253636628693","161095710779451908896573516788355791185","21991676980212790693625247039343556150","200974614988860196001600332841121911607","281402929738626737830924278741334887473","152323827357872081956540970745011398874","295891643295656993998590336017812134408","205997559844369889977244221313681929165","197122819002767327836722214189300948586","153986046122114013645342791154497654657","242919346639691898958966157101973894128","316022212117623679183683012529061167717","45504764586639229494527492071080745595","207372503862405586488504499479125917413","288245471159591164004022700642664175690","185465852595728078031290352339089981721","140572989479756039754330740377200141037","193085474445970608815215986463460810700","97994509396614378762916199981889523667","215162226786062330664540254194730774908","100510204494947768910788636794709823148","29038610153272998520341271864711506673","8201531062326898343653920049878070025","136528826885732904583023448388100750229","273361590761015048938034063758826410146","67012471660677576424146256074468606698","160330182075478344443125085013790928647","232165581562375335484945419195286220171","44671618295205443964752152952482709228","145385699251198507214414344554269176934","236835236853598146987543041713113808387","196125014579276683555575849443548650557","193696742244385449165137589050094888382","187877637198336504122587736972415447841","274162264758388342612358550648478261024","318498709442642324870170236960563946041","272307826287148597452125136719706684865","57438222831966860709119297023984615692","272993083169943829179107892038535129766","30569683760564989746133976648209775327","174481714498519789121592789949173295358","223174316215054323595498856130727027073","25412782466259284004170094469966064279","140798515858733162721128278955324060094","245955628281736119901427347547363976320","274175253325791824005600741660679694637","121557787222801493262964650450290236355","214560964510029791897589870449330661893","329821511542241034955091142529557970420","64833589437169177440644269492969322881","26468059469682489831031607680785347191","83851677413034872860848304930521032501","115325701304644914924387889834232612660","301221915633863499318169189431148166806","227751179331604615209024249529451636129"],"threshold":0.9},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028","target":{"file":"print-isakmp.c"},"signature_type":"Line","id":"CVE-2017-12990-326f4fac","deprecated":false},{"digest":{"length":4232,"function_hash":"264430849602241683280638600871163818727"},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028","target":{"function":"ikev1_n_print","file":"print-isakmp.c"},"signature_type":"Function","id":"CVE-2017-12990-32f5835c","signature_version":"v1"},{"digest":{"length":947,"function_hash":"261114765277394521156344254819091254557"},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028","target":{"function":"ikev1_nonce_print","file":"print-isakmp.c"},"signature_type":"Function","id":"CVE-2017-12990-5c9a0570","signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12990.json","vanir_signatures_modified":"2026-04-11T03:56:51Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}