ALT Linux Team

Package tcpflow update in sisyphus_e2k on 2022-05-14

ALT-PU-2022-4949-1

Package tcpflow updated to version 1.6.1-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2018-10-17
Modified: 2024-11-21

CVE-2018-18409

A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.

Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top