CVE-2011-1935

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
tcpdumplibpcap
1.1.1 ≤
𝑥
< 1.2.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libpcap
bullseye
1.10.0-2
fixed
bookworm
1.10.3-1
fixed
sid
1.10.5-1
fixed
trixie
1.10.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libpcap
vivid
not-affected
utopic
not-affected
trusty
not-affected
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
not-affected
natty
ignored
maverick
ignored
lucid
ignored
hardy
ignored
References
http://article.gmane.org/gmane.network.tcpdump.devel/4968
http://thread.gmane.org/gmane.network.tcpdump.devel/5018
http://www.openwall.com/lists/oss-security/2011/05/19/11
http://www.openwall.com/lists/oss-security/2014/02/08/5
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1%3Bbug=623868%3Bfilename=0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch%3Bmsg=10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
https://security-tracker.debian.org/tracker/CVE-2011-1935/
http://article.gmane.org/gmane.network.tcpdump.devel/4968
http://thread.gmane.org/gmane.network.tcpdump.devel/5018
http://www.openwall.com/lists/oss-security/2011/05/19/11
http://www.openwall.com/lists/oss-security/2014/02/08/5
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1%3Bbug=623868%3Bfilename=0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch%3Bmsg=10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
https://security-tracker.debian.org/tracker/CVE-2011-1935/