{"id":"CVE-2024-8006","details":"Remote packet capture support is disabled by default in libpcap.  When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex().  One of the function arguments can be a filesystem path, which normally means a directory with input data files.  When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.","modified":"2026-03-23T05:09:15.740502828Z","published":"2024-08-31T00:15:05.743Z","related":["MGASA-2024-0295","SUSE-SU-2024:3210-1","SUSE-SU-2024:3217-1","SUSE-SU-2024:3355-1","SUSE-SU-2024:3516-1","SUSE-SU-2025:20059-1","SUSE-SU-2026:20064-1","openSUSE-SU-2024:14309-1"],"references":[{"type":"FIX","url":"https://github.com/the-tcpdump-group/libpcap/commit/0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/libpcap","events":[{"introduced":"0"},{"fixed":"bbcbc9174df3298a854daee2b3e666a4b6e5383a"},{"fixed":"0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29"},{"fixed":"8a633ee5b9ecd9d38a587ac9b204e2380713b0d6"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.10.5"}]}}],"versions":["libpcap-0.6.1","libpcap-0.7.1","libpcap-0.8-bp","libpcap-1.10-bp","libpcap-1.10.0","libpcap-1.10.1","libpcap-1.10.2","libpcap-1.10.3","libpcap-1.10.4","libpcap-1.3-bp","libpcap-1.5.0","libpcap-1.6.0-bp","libpcap-1.7.0-bp","libpcap-1.8.0-bp","libpcap-1.8.1","libpcap-1.9-bp","libpcap-1.9.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8006.json","vanir_signatures":[{"target":{"file":"pcap.c"},"id":"CVE-2024-8006-0005751a","source":"https://github.com/the-tcpdump-group/libpcap/commit/0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["274821971895769149813253593460732405121","70328471465415222261765572956330539410","82111364369546980584609979504067613477","162399281317615029895728943167452961801","322647407103076971329823635801275806516","65332767798215932809990559187460397951","127212387521458079471731179793542562902","187208195945300446619593720574754863010"]},"signature_type":"Line","deprecated":false},{"target":{"file":"pcap-new.c","function":"pcap_findalldevs_ex"},"id":"CVE-2024-8006-68d7278c","source":"https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6","signature_version":"v1","digest":{"function_hash":"216326314781857461255022575487116991126","length":4633},"signature_type":"Function","deprecated":false},{"target":{"file":"pcap-new.c"},"id":"CVE-2024-8006-9b3e64c6","source":"https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["303093119930627033218952398498417915189","70328471465415222261765572956330539410","333776812231799235415887346592035516484","115368977971345468778295755034332015261","322647407103076971329823635801275806516","143405077854950494387909433729170502149","148925866596298467929528575347324020767","146814526677318606341603352652391010899"]},"signature_type":"Line","deprecated":false}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}]}