{"id":"CVE-2017-13019","details":"The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().","modified":"2026-04-02T00:02:50.047764Z","published":"2017-09-14T06:29:01.937Z","related":["MGASA-2017-0335","SUSE-SU-2017:2854-1","SUSE-SU-2019:14191-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039307"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/4601c685e7fd19c3724d5e499c69b8d3ec49933e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"993a67c8e648bc8b19881e29a60f41273cfbee7b"},{"fixed":"4601c685e7fd19c3724d5e499c69b8d3ec49933e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9.1"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.5.2","tcpdump-3.6.1","tcpdump-3.6.2","tcpdump-3.6.3","tcpdump-3.7.1","tcpdump-3.7.2","tcpdump-3.8-bp","tcpdump-3.8.1","tcpdump-3.8.2","tcpdump-3.8.3","tcpdump-3.9.1","tcpdump-3.9.2","tcpdump-3.9.3","tcpdump-3.9.5","tcpdump-3.9.6","tcpdump-3.9.7","tcpdump-3.9.8","tcpdump-4.0.0","tcpdump-4.1.0","tcpdump-4.1.1","tcpdump-4.2.1","tcpdump-4.3.0","tcpdump-4.4.0","tcpdump-4.5.0","tcpdump-4.5.1","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.6.1","tcpdump-4.7.0-bp","tcpdump-4.7.2","tcpdump-4.7.3","tcpdump-4.7.4","tcpdump-4.8.0","tcpdump-4.8.0-bp","tcpdump-4.8.1","tcpdump-4.9.0","tcpdump-4.9.0-bp","tcpdump-4.9.1"],"database_specific":{"vanir_signatures":[{"deprecated":false,"target":{"file":"print-pgm.c","function":"pgm_print"},"id":"CVE-2017-13019-1ec80937","signature_type":"Function","signature_version":"v1","source":"https://github.com/the-tcpdump-group/tcpdump/commit/4601c685e7fd19c3724d5e499c69b8d3ec49933e","digest":{"function_hash":"296299028895828595715269051062761265840","length":14493}},{"deprecated":false,"target":{"file":"print-pgm.c"},"id":"CVE-2017-13019-d7dd947b","signature_type":"Line","signature_version":"v1","source":"https://github.com/the-tcpdump-group/tcpdump/commit/4601c685e7fd19c3724d5e499c69b8d3ec49933e","digest":{"threshold":0.9,"line_hashes":["9489202841728623503464589370967314747","205382417137070223215271996361881291818","327825116257555093275518534313090286650","248256796966630572600339737843356256028","199577271430002250942278958776084038314","3598459076500035109138577245271322392","337012446245254342311268947568913547043","179193487301515617071037610577790646384","147162829822803224058490727390183688667","217472637241236602816972111503156234018","197199285933269282091607513674178564772","151520730741552419727534006206513204881","315426953836808102609453884402855086432","156371830701943432643808377082172372290","91739666636627190273396113034214593989","47675571777220619393611785363151525338","172053568016467099165268250665120766052","248840119666374929800399784002757533551","5900162669002588162161180836564942915","303941168974895897404410428758833675315","274341228364337658239948869732695071384","23737069423723474039726399458131109428","264834192219904821967306721891182536021","110686917126010502405290558790719549461","5187015254991393805668860854151021487","153075130052397522556189399209569815043","202483670853821520963972186255984924125","73866171609046860902310451082434509064","153801566259109710304950957394169999977","74162830326738494375944089980925226124","173824085435048833338302120106997220001","234143531662086105790348062861488307027","320074679816599040340177312799432650860","128055125739168841154620657702102355833","65351573051461869697516852976782225777","207507836302863172971285631323708354748","317698197659355491521520904598897971277","71878459891257051073929320798937802886","91103341420786342811251650379407890833","186077097523505162895249646532139636528","292731352225342468400585464673470137847","182607983385355348966965109501092833856","153870758478609578530022343201516380481","139574158937268610500320489840494827238","269746581218403549744738427982366463767","91739666636627190273396113034214593989","47675571777220619393611785363151525338","310916409190281612873726336957777777812","10742047804040015362282601121693313846","258173744607576921458202282322497856061","136713749250652707541412097515745543122","149299482080086934394453327880561848775","162305288298632813468799577512304014660","323390551694091775118133763803992240843","336297433461957945951306873866750915942","136297677049506623482339778730755496430","334736767393216742659405900353319074980","258152624377153297601411867959448197656","82435509264631261367648532585040873619","295405976021834878492916748375116084596","319529855959506476343509389419680325869","258406304173782437240618829715419521947","258121786160644370154076600676754716589","306434705401794975200967061187569383826","186732509670085538758771063155582488843","40696756969150547884574197707467976768","268254236489780826878139926757859168466","169699711632618712613588262554401524361","479958942031481812052322235015372728","334736767393216742659405900353319074980","258152624377153297601411867959448197656","82435509264631261367648532585040873619","295405976021834878492916748375116084596","263074353030917910045449543360342728950","141013551464713099978256060315334420862","267176396175277343541882765632334762439","47833795453233029962434707483288214072","167950994486563019244162639334698427574","73870883974907695294848291433350061351","127795442427422434593187604803796764484","289234589637823546902002541956855710704","226006801026810085317839714669433781513","11821593753222430386136147118623909239","907681370840089788506926675896318443","92772978699007760230559847281983525073","173776678481720311748460661715549307138","233744314174466492975817159586627158099","269128780002088038794289011055262293603","16806486300664845804666747618304372671","324345950524485808805967300119065201920","283412508167944915608150004092316472685","97275031711958635132677048670025766179","231332634859411303529467144112730474041","249596384356709518026566889576578690234","297837908329358136947016985243408840373","222063253148114218472836531027985834502","307900232012395900109491926551933969206","250406154016817337031941066522891009233","66660446047383949994918167332671113222","3522549128589109056519965584579037157","245100532945981162084965244012961029383","301777700456333822934966138741028357935","207395125646349249179997367754079390121","247876723867510301994313659206927874937","140338766044149932659985817072060335303","234842476069172844648476211095673478991","39191935444070147889376208520863616615","124070958199429343304147417920078893480","181324504198304024426981059799627635048","231394672517636654965225511342654395910","53513563325556434684961642619788947668","327059800591403864977696822143855873045","236924209459223449319383229994520857944","208284891241730142285398515662307718999","25656495417966394856109003660317368719","25794100798447691918627842541632367751","251403714804032363014294952658340616287","32766017510243182118499368282873707857","136046928459358127644706555113817979123","91739666636627190273396113034214593989","47675571777220619393611785363151525338","333822317605063903600258497844911650162","115672245934328715602789207515619083584","311398739292383308597631752109124859037","44050993428624669046082430897685009440","30491466959625331833033436683339107407","24705680479651611492729271503854164296","201349788310855322103166960882530067271","119785444823643502288090528132277964212","208266947111681520932292777223459255713","181324504198304024426981059799627635048","231394672517636654965225511342654395910","36978702543937761561134905420036920778","308925917526841975441101612448761580006","12508345757476000265292975670920483805","293459196833103210535789638022154137759","277513112002549505950786080864035905314","229048399411548908935496578957037920389","305900905028130605446672481830085639391","52680123694368379549984458469127463980","293183599370699215641676498860154749004","303643476863528611093573452416646439030","306259788342774667809964947410025311530","241715234422066466944497572928406584633","130463089866195526463575596016582286619","281277474313091180466689913913948557823","86815490402072115052673943963332424104","216796818531662566743749030727849110445","146144950531323961929584881075712963722","34915918347306877098562251501183109600","30935364415121666687474579416404044729","204737173552887467537120768086258200293","214199147621869264474965855052506998867","175399429553729421432891806046193258230","261561209596170315406243953291625110246","76395711340288988310032269853058050075","315100474312973948423036949322559894759","320329981102484966813799461073827568751","50056524362256887295401868739243014383","48075974625481807885105704067539287534","259818680141866932431031854869763637565","283176658119897813464139453795711217506","213916220392591813170445881602671632086","266992272635044428202826097206869125075","793397166423975962373640722144268998","302029506280091914361733710442671924464","15169268498330639147767524720759592711","335686156910656728989396461766975292094","152623124570154108229363220168148153513","315020967265346357186428670194257149069","271783847408536154159115479321542551310","232114984585529992831458133134104516071","275462230572235227553186859723240951210","116762554469545842109398926755235101310","290693472863500891623210789280056177428","125315510072034497329422068707840565927","88882780030706273336828545217552078398","34330420740600844255563859370008678663","268915127080052864574863513606534443846","29777105515634831872616051922457009762","121876764335055661983887236783714478195","129610112288427465205705770068253090065","198357222064601925394956278579640450888","114063879968301952818194253807980013081","163699012739348240445828628059399575908","266458574521239534171023935383011948491","153472689872668995109956985454117978464","225816625900119705272015200966485531756","210933727172229679371173681061447736746","226006801026810085317839714669433781513","162326491139959665188643453340132788996","122696360430576089989435052939599106268","99555770198640598771361561238107539878","255680984952544442651290555767414901583","140799418580205959372987678005976570555","269128780002088038794289011055262293603","16806486300664845804666747618304372671","25941030594838035956056704218430166581","306304930095146756158379218967675239712","260688523255560971853825970640298577953","255585620117034733297940675954099316399","56419617541340841570516946246696013304","233939792841048709259334415911272010843","173486482341249149481747310310906262479","84666032257995744456276234384844723356","250406154016817337031941066522891009233","66660446047383949994918167332671113222","112571178188470329189435150339100083531","251301098521872399001555521634999749794","6003952382793383632256091615950419620","174350186034697661778048779896570511026","1440559128404706265940462394606839651","301114260969956224957559098420714433450","98451030746614602585427602736600568455","15178482701228833616047548970883233671","153472689872668995109956985454117978464","225816625900119705272015200966485531756","210933727172229679371173681061447736746","226006801026810085317839714669433781513","162326491139959665188643453340132788996","122696360430576089989435052939599106268","99555770198640598771361561238107539878","255680984952544442651290555767414901583","140799418580205959372987678005976570555","269128780002088038794289011055262293603","16806486300664845804666747618304372671","25941030594838035956056704218430166581","306304930095146756158379218967675239712","260688523255560971853825970640298577953","255585620117034733297940675954099316399","56419617541340841570516946246696013304","233939792841048709259334415911272010843","173486482341249149481747310310906262479","84666032257995744456276234384844723356","250406154016817337031941066522891009233","66660446047383949994918167332671113222","112571178188470329189435150339100083531","251301098521872399001555521634999749794","6003952382793383632256091615950419620","174350186034697661778048779896570511026"]}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-13019.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}