CVE-2016-7993 segfault in relts_print at util-print.c:360 while reading malformed pcap #496
This bug was found with American Fuzzy Lop. While reading a malformed pcap file, I was able to trigger a crash in relts_print at util-print.c:360:
This bug affects the following:
It does not appear to affect tcpdump 4.6.2-5+deb8u1.
Due to the sometimes sensitive nature of the bugs I find, I won't attach the test case until the project maintainers have a chance to look this over.
#496 is still open.
On Mon, Dec 21, 2015 at 11:01 PM, Guy Harris email@example.com wrote:
I was about to open a new issue for this but noticed that @geeknik opened one already before.
Just copy-pasting that in here in case some "more" info is needed?
The corrupted pcap file can be downloaded from here. It seems that either some versions are unaffected by this or the pcap file doesn't cause a segfault on other operating systems than Debian/Ubuntu. Here's how I tested the corrupted pcap file against tcpdump:
Affected: Debian 8.6 amd64, tcpdump and libpcap from deb repositories:
Affected: Ubuntu 16.04 amd64, tcpdump and libpcap from deb repositories:
Unaffected: openSUSE Tumbleweed 20161014 amd64, tcpdump and libpcap from yum/zypper repositories:
Unaffected: FreeBSD 10.3-RELEASE amd64, tcpdump and libpcap shipped with OS:
The original reporter for this vulnerability is Hanno Böck. It took a long time to publish the fix, so the same issue was later independently discovered by other researchers.