CVE-2011-1935

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
tcpdumplibpcap
1.1.1 ≤
𝑥
< 1.2.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libpcap
bookworm
1.10.3-1
fixed
bullseye
1.10.0-2
fixed
sid
1.10.5-1
fixed
trixie
1.10.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libpcap
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
not-affected
precise
not-affected
quantal
not-affected
raring
not-affected
saucy
not-affected
trusty
not-affected
utopic
not-affected
vivid
not-affected
References
http://article.gmane.org/gmane.network.tcpdump.devel/4968
http://thread.gmane.org/gmane.network.tcpdump.devel/5018
http://www.openwall.com/lists/oss-security/2011/05/19/11
http://www.openwall.com/lists/oss-security/2014/02/08/5
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1%3Bbug=623868%3Bfilename=0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch%3Bmsg=10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
https://security-tracker.debian.org/tracker/CVE-2011-1935/
http://article.gmane.org/gmane.network.tcpdump.devel/4968
http://thread.gmane.org/gmane.network.tcpdump.devel/5018
http://www.openwall.com/lists/oss-security/2011/05/19/11
http://www.openwall.com/lists/oss-security/2014/02/08/5
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1%3Bbug=623868%3Bfilename=0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch%3Bmsg=10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
https://security-tracker.debian.org/tracker/CVE-2011-1935/