{"id":"CVE-2023-1801","details":"The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.","modified":"2026-04-16T04:38:30.338562746Z","published":"2023-04-07T21:15:06.873Z","related":["openSUSE-SU-2024:12850-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/"},{"type":"WEB","url":"https://support.apple.com/kb/HT213844"},{"type":"WEB","url":"https://support.apple.com/kb/HT213845"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"032e4923e5202ea4d5a6d1cead83ed1927135874"},{"fixed":"03c037bbd75588beba3ee09f26d17783d21e30bc"},{"fixed":"7578e1c04ee280dda50c4c2813e7d55f539c6501"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.99.3"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0-bp","tcpdump-4.99-bp","tcpdump-4.99.0","tcpdump-4.99.0-bp","tcpdump-4.99.1","tcpdump-4.99.2","tcpdump-4.99.3"],"database_specific":{"vanir_signatures":[{"id":"CVE-2023-1801-0163d869","digest":{"threshold":0.9,"line_hashes":["38166190730075331128193528925579143781","168825706963812953918177061392525093351","154529819081921324930079689408156427500","169432206782081838228774722271845417805","140748461773654319295140929140406127548","45667429073400835866892217150934645183","336587680564699092381582966922599398149","73327962744967703344598817326534348167","317342740848087171310974701482035687361","118319896687573129361196689392244246198","52277949776093132984811621595846967596","16196727072384311056493447191465447130","190438672933571614919695044145852454050","92692957142679483624658363014599229375"]},"signature_type":"Line","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_version":"v1","target":{"file":"print-ahcp.c"}},{"id":"CVE-2023-1801-0509abdf","digest":{"threshold":0.9,"line_hashes":["274940642164127014545674655839669367834","307671079338547099670473521588993027621","4863733507224291562843201542887630856","36884561544676943806692641471982988293","261405865500119518075401908141940064406","102187719079539079341209584005396423530","225434594149673312519931506948024741953","335832813626454907916078186228515974079"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"print-rx.c"}},{"id":"CVE-2023-1801-0850ff6b","digest":{"threshold":0.9,"line_hashes":["127889288938720217508818710491137221581","92212800661520330227828817013254558620","301565887821638015943433179896091153701","202155449803170102725726232383091278453","240792611377169843020034876546449366183","276925095927882301358321037515473616964","303478832044192588645401246795869850934","163550766924311089651498327945849111405","91181178237218589362046127588153570329","62202623672765388642867458434501792860","209620206528380569600317264323062481924","153167064193834045086369142025288803879","138391408527818796250087165375096230121","148172595535577638324981505714178681968","172310726803749992791619757613096828562","68756405419257073485419641196691234188","156363416428307140635001572433183573858","213298064368798221929904056598409809547","310842455381502257804807049250305939734"]},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","signature_version":"v1","target":{"file":"smbutil.c"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["38166190730075331128193528925579143781","168825706963812953918177061392525093351","154529819081921324930079689408156427500","169432206782081838228774722271845417805","140748461773654319295140929140406127548","45667429073400835866892217150934645183","336587680564699092381582966922599398149","73327962744967703344598817326534348167","317342740848087171310974701482035687361","118319896687573129361196689392244246198","52277949776093132984811621595846967596","16196727072384311056493447191465447130","190438672933571614919695044145852454050","92692957142679483624658363014599229375"]},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Line","id":"CVE-2023-1801-0f92390e","target":{"file":"print-ahcp.c"}},{"id":"CVE-2023-1801-14e90ed1","digest":{"length":488,"function_hash":"264518731817915874712605143073029240108"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_version":"v1","target":{"function":"ahcp_time_print","file":"print-ahcp.c"}},{"signature_version":"v1","digest":{"length":6330,"function_hash":"248105154805577752665518646649436548764"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","id":"CVE-2023-1801-160b8007","target":{"function":"smb_fdata1","file":"smbutil.c"}},{"id":"CVE-2023-1801-18624766","digest":{"length":708,"function_hash":"192256749831768278341054317298688661739"},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Function","signature_version":"v1","target":{"function":"p_ntp_time","file":"ntp.c"}},{"id":"CVE-2023-1801-19c95614","digest":{"length":539,"function_hash":"66262855289905090106367202767222706898"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Function","deprecated":false,"signature_version":"v1","target":{"function":"zep_print_ts","file":"print-zep.c"}},{"id":"CVE-2023-1801-2ef8d9e7","digest":{"threshold":0.9,"line_hashes":["143938871045167484748032565504388812769","296836794633867839820181092011739294606","332455664294566148314215790883718924379","278605223388590917120074959625822873188","56434951330780129877599354947636511348","100227879603144927812160342541957523341","300149405149464093249920724493944207209","219846900367451355971460189668587138615"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"print-zep.c"}},{"id":"CVE-2023-1801-38637148","digest":{"threshold":0.9,"line_hashes":["140897801379088527852991405717432726629","179804202025958251723513483751715987021","48088546743909713184852160743798278773","8562518908083342803383291883283646625","319887562591263711034978616969799860296","32566127889175588856234148848027249688","225078555149340459522256336842407373734","293053542008281682699157048701217984812"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"tcpdump.c"}},{"id":"CVE-2023-1801-4051c952","digest":{"threshold":0.9,"line_hashes":["140897801379088527852991405717432726629","179804202025958251723513483751715987021","48088546743909713184852160743798278773","8562518908083342803383291883283646625","319887562591263711034978616969799860296","32566127889175588856234148848027249688","225078555149340459522256336842407373734","293053542008281682699157048701217984812"]},"signature_type":"Line","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_version":"v1","target":{"file":"tcpdump.c"}},{"id":"CVE-2023-1801-48f7d5bf","digest":{"length":609,"function_hash":"240382926039499611604831510936039809022"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Function","deprecated":false,"signature_version":"v1","target":{"function":"ts_date_hmsfrac_print","file":"util-print.c"}},{"id":"CVE-2023-1801-4b48e2f8","digest":{"threshold":0.9,"line_hashes":["190912635528595448085804738584339830434","249511027014600982126347518648183406963","13970615891781316613645847458669763367"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"netdissect.h"}},{"id":"CVE-2023-1801-54f9ce66","digest":{"threshold":0.9,"line_hashes":["271905706437759834729282842433663055212","269083036896023633629749062134035658881","6128231736010748622636733859937841501","44988561282671440089022532600932072332","34868211505718978609246929349911398270","194634347781286732830962687235819470883","18006443207034470003280390550675576212","283182593454653801153047338587563241329","110467899188472775036274702521582274070","325749185322442935875954402589244088579","153697582222490744848254159031255900210","97128102410865148458804988307689063635","185689817678124849533705652884934931014","19402697729401875439105892412649477720","304753121749517853193859268462988220147","108587633537507210242609878158511307392"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"ntp.c"}},{"id":"CVE-2023-1801-7fc07776","digest":{"length":675,"function_hash":"87228379212046453617435353857476669780"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_version":"v1","target":{"function":"MakeFilename","file":"tcpdump.c"}},{"id":"CVE-2023-1801-81d36198","digest":{"threshold":0.9,"line_hashes":["3025699069882131222630385708257604059","158092168991993657967551466056536300402","312499652415948881011090791506220901046","288221203263894075682973356363822796850","133143739180726943269334442645669021844","235121957364493335804391251579080934639","42780426909605534849573279516186112915","3086787425047912681894677058680507805","18157704034547605946789646066643894156","31215320042498407792812243180091976890","214601360911616430014007813950824750931","14393612077373528863502942757432819851","315347921426282093290332829403220425464","250393307386732972295406463263597127520","217909708369677359249896926977974271048","159473541280443511028431009420385235938","256516457127754732961476295049188927714"]},"signature_type":"Line","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_version":"v1","target":{"file":"print-arista.c"}},{"id":"CVE-2023-1801-8326885f","digest":{"threshold":0.9,"line_hashes":["127889288938720217508818710491137221581","92212800661520330227828817013254558620","301565887821638015943433179896091153701","202155449803170102725726232383091278453","240792611377169843020034876546449366183","276925095927882301358321037515473616964","303478832044192588645401246795869850934","163550766924311089651498327945849111405","91181178237218589362046127588153570329","62202623672765388642867458434501792860","209620206528380569600317264323062481924","153167064193834045086369142025288803879","138391408527818796250087165375096230121","148172595535577638324981505714178681968","172310726803749992791619757613096828562","68756405419257073485419641196691234188","156363416428307140635001572433183573858","213298064368798221929904056598409809547","310842455381502257804807049250305939734"]},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Line","signature_version":"v1","target":{"file":"smbutil.c"}},{"signature_version":"v1","digest":{"length":609,"function_hash":"240382926039499611604831510936039809022"},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","id":"CVE-2023-1801-856fe608","target":{"function":"ts_date_hmsfrac_print","file":"util-print.c"}},{"id":"CVE-2023-1801-8c257aae","digest":{"length":422,"function_hash":"234215932135695605367945633237563356718"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","deprecated":false,"signature_version":"v1","target":{"function":"arista_print_date_hms_time","file":"print-arista.c"}},{"id":"CVE-2023-1801-94482a88","digest":{"length":488,"function_hash":"264518731817915874712605143073029240108"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Function","deprecated":false,"signature_version":"v1","target":{"function":"ahcp_time_print","file":"print-ahcp.c"}},{"signature_version":"v1","digest":{"length":422,"function_hash":"234215932135695605367945633237563356718"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","id":"CVE-2023-1801-9c5e852d","target":{"function":"arista_print_date_hms_time","file":"print-arista.c"}},{"id":"CVE-2023-1801-aa57dfb0","digest":{"length":539,"function_hash":"66262855289905090106367202767222706898"},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","signature_version":"v1","target":{"function":"zep_print_ts","file":"print-zep.c"}},{"id":"CVE-2023-1801-b2f32a9d","digest":{"threshold":0.9,"line_hashes":["274940642164127014545674655839669367834","307671079338547099670473521588993027621","4863733507224291562843201542887630856","36884561544676943806692641471982988293","261405865500119518075401908141940064406","102187719079539079341209584005396423530","225434594149673312519931506948024741953","335832813626454907916078186228515974079"]},"signature_type":"Line","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_version":"v1","target":{"file":"print-rx.c"}},{"signature_version":"v1","digest":{"length":6330,"function_hash":"248105154805577752665518646649436548764"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","id":"CVE-2023-1801-b5fbaafd","target":{"function":"smb_fdata1","file":"smbutil.c"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["320526548436957173476256213141663970515","201253953848983808836326751985570983465","4905736082359368029727334114719130692","257384078373760336747727725899020509835","66149186013672562918077915698558389361","113756945136654110200093074442221035521","223328766115502049158938051994966137064","53622313245188351684470417796261253010","233918658138393756266912513218613901851","86277792989672807565505704523284166348","34376539954050678276547472787812225080","184949443414921032807588705370017071643","270309022975233526019272541297562370947","236514609565586096269240145177284178365","30048303502732750825761852349078711077","209896139422400217118246328695335281418","237147067403269317310231658566366987447","303282619747314000130580599146009433866"]},"deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","id":"CVE-2023-1801-c22fdc9d","target":{"file":"util-print.c"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["190912635528595448085804738584339830434","249511027014600982126347518648183406963","13970615891781316613645847458669763367"]},"signature_type":"Line","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","id":"CVE-2023-1801-c2c7666d","target":{"file":"netdissect.h"}},{"id":"CVE-2023-1801-ca165ced","digest":{"threshold":0.9,"line_hashes":["3025699069882131222630385708257604059","158092168991993657967551466056536300402","312499652415948881011090791506220901046","288221203263894075682973356363822796850","133143739180726943269334442645669021844","235121957364493335804391251579080934639","42780426909605534849573279516186112915","3086787425047912681894677058680507805","18157704034547605946789646066643894156","31215320042498407792812243180091976890","214601360911616430014007813950824750931","14393612077373528863502942757432819851","315347921426282093290332829403220425464","250393307386732972295406463263597127520","217909708369677359249896926977974271048","159473541280443511028431009420385235938","256516457127754732961476295049188927714"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"print-arista.c"}},{"id":"CVE-2023-1801-d8a57ccc","digest":{"threshold":0.9,"line_hashes":["143938871045167484748032565504388812769","296836794633867839820181092011739294606","332455664294566148314215790883718924379","278605223388590917120074959625822873188","56434951330780129877599354947636511348","100227879603144927812160342541957523341","300149405149464093249920724493944207209","219846900367451355971460189668587138615"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"print-zep.c"}},{"id":"CVE-2023-1801-e062aaad","digest":{"threshold":0.9,"line_hashes":["320526548436957173476256213141663970515","201253953848983808836326751985570983465","4905736082359368029727334114719130692","257384078373760336747727725899020509835","66149186013672562918077915698558389361","113756945136654110200093074442221035521","223328766115502049158938051994966137064","53622313245188351684470417796261253010","233918658138393756266912513218613901851","86277792989672807565505704523284166348","34376539954050678276547472787812225080","184949443414921032807588705370017071643","270309022975233526019272541297562370947","236514609565586096269240145177284178365","30048303502732750825761852349078711077","209896139422400217118246328695335281418","237147067403269317310231658566366987447","303282619747314000130580599146009433866"]},"signature_type":"Line","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","signature_version":"v1","target":{"file":"util-print.c"}},{"signature_version":"v1","digest":{"length":675,"function_hash":"87228379212046453617435353857476669780"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc","id":"CVE-2023-1801-e5207a15","target":{"function":"MakeFilename","file":"tcpdump.c"}},{"id":"CVE-2023-1801-f36cc779","digest":{"length":708,"function_hash":"192256749831768278341054317298688661739"},"signature_type":"Function","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_version":"v1","target":{"function":"p_ntp_time","file":"ntp.c"}},{"id":"CVE-2023-1801-f7aeb07a","digest":{"threshold":0.9,"line_hashes":["271905706437759834729282842433663055212","269083036896023633629749062134035658881","6128231736010748622636733859937841501","44988561282671440089022532600932072332","34868211505718978609246929349911398270","194634347781286732830962687235819470883","18006443207034470003280390550675576212","283182593454653801153047338587563241329","110467899188472775036274702521582274070","325749185322442935875954402589244088579","153697582222490744848254159031255900210","97128102410865148458804988307689063635","185689817678124849533705652884934931014","19402697729401875439105892412649477720","304753121749517853193859268462988220147","108587633537507210242609878158511307392"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","deprecated":false,"signature_version":"v1","target":{"file":"ntp.c"}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1801.json","vanir_signatures_modified":"2026-04-12T08:34:22Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}