{"id":"CVE-2017-5204","details":"The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().","modified":"2026-04-01T23:47:46.884325Z","published":"2017-01-28T01:59:01.107Z","related":["MGASA-2017-0061","SUSE-SU-2017:0656-1","SUSE-SU-2017:1110-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201702-30"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3775"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95852"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037755"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1871"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"fixed":"cae54f4d943f163541dc7a90f7f5b432859955e4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.9.0"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.5.2","tcpdump-3.6.1","tcpdump-3.6.2","tcpdump-3.6.3","tcpdump-3.7.1","tcpdump-3.7.2","tcpdump-3.8-bp","tcpdump-3.8.1","tcpdump-3.8.2","tcpdump-3.8.3","tcpdump-3.9.1","tcpdump-3.9.2","tcpdump-3.9.3","tcpdump-3.9.5","tcpdump-3.9.6","tcpdump-3.9.7","tcpdump-3.9.8","tcpdump-4.0.0","tcpdump-4.1.0","tcpdump-4.1.1","tcpdump-4.2.1","tcpdump-4.3.0","tcpdump-4.4.0","tcpdump-4.5.0","tcpdump-4.5.1","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.6.1","tcpdump-4.7.0-bp","tcpdump-4.7.2","tcpdump-4.7.3","tcpdump-4.7.4","tcpdump-4.8.0","tcpdump-4.8.0-bp","tcpdump-4.8.1"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5204.json","vanir_signatures":[{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","id":"CVE-2017-5204-2ba3af18","signature_version":"v1","digest":{"length":2587,"function_hash":"31486734027380005103230538229483283558"},"deprecated":false,"signature_type":"Function","target":{"file":"print-ether.c","function":"ethertype_print"}},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","id":"CVE-2017-5204-4cb9a0ba","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["289962869142539033919548699903735971895","321187814844074319440356878954916582618","96278794428690994985504688327165122951","334924286569736786368128921431302191310"]},"deprecated":false,"signature_type":"Line","target":{"file":"print-ether.c"}},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","id":"CVE-2017-5204-7041f422","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["208063356587562841728207749352312617633","94369104648756919419866969560637031504","158530789875360221930177539868533298858","253446335086249471187651377860820435235"]},"deprecated":false,"signature_type":"Line","target":{"file":"netdissect.h"}},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","id":"CVE-2017-5204-90c9aa2a","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["114946376029719487727067709523051033051","227334674829184980067944298911146947115","210376600301944043403573276686938546462","178848560193805662289114191287577780030","275264082656881882204531968707571331121","125472290036734832543852872169378264835","173676936645231007527992549401569557625","288479365740565370114994721279060580351","109609806529605983880753254914716894236","142606612004130782709107352262636392155","29719618684433844042017610474921887645","226023839603229667093098466115918767045","72712425789080240366374511061789058613","151346982239502861005805789530967240933","336759652068049672908093915736280119824","206371089863004604069910662208531735471","223713852872945044680520491862189426699","190210319895479423224763214308807174099","79472329640795828550526242935079441795","337237102835808452012520121951202183188","326954748457766422394896389595937310919","164383034353028065510931221836837725166","232747210196469577238906567634162708264","100592845038565327953900512326475285722","109264432762985498185441714222958983220"]},"deprecated":false,"signature_type":"Line","target":{"file":"print-medsa.c"}},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","id":"CVE-2017-5204-e7c0e582","signature_version":"v1","digest":{"length":1324,"function_hash":"285468102648205064789132629197542510522"},"deprecated":false,"signature_type":"Function","target":{"file":"print-medsa.c","function":"medsa_print"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}