{"id":"CVE-2017-13050","details":"The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().","modified":"2026-04-16T06:16:30.954588837Z","published":"2017-09-14T06:29:03.077Z","related":["SUSE-SU-2017:2854-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039307"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"993a67c8e648bc8b19881e29a60f41273cfbee7b"},{"fixed":"83c64fce3a5226b080e535f5131a8a318f30e79b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9.1"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0","tcpdump-4.9.0-bp","tcpdump-4.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-13050.json","vanir_signatures_modified":"2026-04-11T04:47:35Z","vanir_signatures":[{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b","deprecated":false,"digest":{"length":669,"function_hash":"141239582794057570470987336506776090372"},"target":{"function":"rpki_rtr_print","file":"print-rpki-rtr.c"},"signature_type":"Function","id":"CVE-2017-13050-611448b2","signature_version":"v1"},{"signature_version":"v1","target":{"function":"rpki_rtr_pdu_print","file":"print-rpki-rtr.c"},"digest":{"length":2738,"function_hash":"295520539632666605697161524966214526591"},"deprecated":false,"signature_type":"Function","id":"CVE-2017-13050-6e2b6762","source":"https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b"},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/83c64fce3a5226b080e535f5131a8a318f30e79b","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["91225192506105998309656882204112898242","262187063736358619995156440999419109627","166315129350058571953828727477546937","298006129535044815119760179099668095020","97069024222213392060925699335199687026","274376829970298274072693113533273873962","132812486988574340858222179874944060623","73158307040893329996081366393827840434","38770803252390384797008997686223905389","212840269067239195018939194786318908987","279002704646582947593862160923602182035","265137096026138749224121276587971217713","44759950252258876572735195581578552466","118035335837821683127876155457209168411","307806445243403754942464742736559115364","272211986666805814709347757928471918742","107387499406334254861223644004341276718","154222773333757247552275543442394240457","160813801222478806804778122130602103735","85326783791320134857645072949683820516","20249441343017067010610491134159143698","131339484936026735641148929568921374956","168349606390673198360471324889431370689","51298838525042395530623939199368487231","219103874955128086241251088597746049525","39658015490680465377385166222640406669","170369174625561933002580279281881596851","75693305635627415653940738166097463389","256066385969391049856548725411488120046","302977702552666175443984893323495525379","244639727233687488653275362747246389874","136035724361201526636410117822128468066","193905384643790201314885535376926075453","222083579166922403901453400625932852832","111327442546630058018894437750867397131","311654193889160677195977760126621811310","18805401642157687033404361288566777631","213215969876390632206861000434702924592","38564528239260236306605177010372377070","128028702987161132645786658802809713557","243504277049159052955102541089331410045","160020244723664695717774184198429046596","181284558576093332083798143314413795252","254885052039731149284226327759845910557","255374403118992587691754886113761878581","280514292952836398273678169452419647244","124827006203318965317125252843562520352","171666692536767969736121637409218891323","196742315263719170428405138495212884918","74670572121518172502803597968133647696","102861354578030637073173144336966009128","180143679043341809098086905034756572185","80583479480706434155256331599649440692","69430313341075875053639353955687386837","257169105012863577896570708967603018670","278440607665016670347304045157572865899","68643347249363866954899736394615644039","124402665139142613523638929733597681076","242957400948405923637308422249744195281","303066998238515926281819426295996133814","45634399928560774113077342082911381690","101150802627265699164540379340373006190","232806047119770206111539639632757842055","230874223127518689197709696055832999757","137464318650245614603867393268638077713","335791640987574347339579410591474143658","274512752148104369886257144281043958031","50326771297085245924226368369901958819","260253245832933644495325604882506999827","83426708373943537838967672766163686826","140627787723616427051601877283307959667","255571027334586559884145787959210886034","246086906322735415186696517504570534656","56284921621254197337040185374465732940","200999076297159106769901060146803910331","273510824703989736383203767893246914539","315357586201525450452772258317783156022","314555068863564744379138678764292929875","322985042149821343355826592482294702032","319812315341876029931562693857351815255","140955276574663499046392430380439924968","177835257888985640021649273989301206356","227078432055244504477784317279560825988","243981764867112182590189507647504660463","147846373021940519776798415118844518868","203477200432067296163455731527561719376","297396953808511234179795849301268865589","312043837299654912683802797563832577653","322086381283737441953009697811676900405","26413248134635780417011726315503089000","5335269101984334195666173065618812363","100209535229981075889549371278728263426","125583023689800364215247893752146311699","118035335837821683127876155457209168411","192122213145940478726189211086752073395","202471555802431994101760567366776854573","291729857264382859490272237148900621577","60635844057389735514039909875293574998","78652959919333060933400491683870156828","30150919572514270393151896365953664663","47015397611876336831294082398705691217","257283038492899271527541778898900362525","284586309647032263097930741452681940563","39962680461584609871464861530987145535","257436138602958186947972051929851501836","298006105998509025246215320295043115379","187758872079081803776693414336199872419","14822241174959720645042805053885924450","117990556228961767323321863581370439265"]},"target":{"file":"print-rpki-rtr.c"},"signature_type":"Line","id":"CVE-2017-13050-b35a9eaa","signature_version":"v1"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}