{"id":"CVE-2017-12995","details":"The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().","modified":"2026-04-16T06:18:45.009892281Z","published":"2017-09-14T06:29:00.937Z","related":["SUSE-SU-2017:2854-1","SUSE-SU-2019:14191-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1039307"},{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"993a67c8e648bc8b19881e29a60f41273cfbee7b"},{"fixed":"3a76fd7c95fced2c2f8c8148a9055c3a542eff29"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9.1"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0","tcpdump-4.9.0-bp","tcpdump-4.9.1"],"database_specific":{"vanir_signatures":[{"id":"CVE-2017-12995-6657371c","signature_version":"v1","target":{"file":"print-domain.c"},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29","digest":{"threshold":0.9,"line_hashes":["186523901139974695757499412785972536238","81902134392199983219004731208962365047","314792974199914986604531919821724129602","112641495530610653752369289520807752174","118623813490315879183866470101674143161","50624683111763494804016927956065108139","254655054212559804634098122197348317768","337322039747238142822227824017127063143","317975490280134030861394093961638140407","11187133106110759441359645385947511679","311184410365909173804145921070382696917","204054733204850947111064801227810699581","262727745599338489467671187552993824269","25659142467271311192455819213184233299","146635366305186421807158221960380407797","254655054212559804634098122197348317768","170215455597743731874390154421120766382","150181804222924439899818738266010931734","73476725149873235205081854371654562824","177586576821859783585873896303736208483","122423369543425930432575421760294308269","312634792135388215771667509369268054076","296896244661693425618441660550708209452","207012748358424391116036392383873335757","32082122679461856249889343425595973474","116904376629567193130296422749487545053","214307034127674026378127712790918695792","234079322587035646666490442390255484294","242211844960224333698716253849255833653","4077039079191093459536649579387741996","254655054212559804634098122197348317768","170215455597743731874390154421120766382","150181804222924439899818738266010931734","197209394889814443606383461933635437387","12266340197541142369835894221158557156","108416767134863025886920785955592270195"]},"signature_type":"Line"},{"id":"CVE-2017-12995-deb48fd3","signature_version":"v1","target":{"file":"print-domain.c","function":"ns_nprint"},"deprecated":false,"signature_type":"Function","digest":{"length":1660,"function_hash":"43430048188445635112347222465899490996"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29"}],"vanir_signatures_modified":"2026-04-11T04:47:29Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12995.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}