CVE-2018-14468: High severity macos catalina vulnerability

Q: What is the severity of CVE-2018-14468?

CVE-2018-14468 is classified as a high severity vulnerability due to its potential impact on systems using affected versions of tcpdump.

Q: How do I fix CVE-2018-14468?

To fix CVE-2018-14468, you should update tcpdump to version 4.9.3 or later, and ensure your libpcap version is 1.9.1 or above.

Q: What versions of tcpdump are affected by CVE-2018-14468?

Versions of tcpdump prior to 4.9.3 are affected by CVE-2018-14468 due to the buffer over-read issue.

Q: Which operating systems are vulnerable to CVE-2018-14468?

CVE-2018-14468 affects various operating systems, including Apple macOS Catalina, Mojave, High Sierra, and specific versions of Debian and Fedora.

Q: What type of vulnerability is CVE-2018-14468?

CVE-2018-14468 is categorized as a buffer over-read vulnerability in the FRF.16 parser of tcpdump.

Published Oct 3, 2019

Updated

Last updated 24 July 2024

Other sources

tcpdump. Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint().

— Launchpad

Credit

CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16301, CVE-2018-16451, CVE-2018-16452, CVE-2019-15166, CVE-2019-15167

Affected Software

87 affected componentsFixes available

debian/tcpdump

4.99.0-2+deb11u14.99.3-14.99.5-1

Apple macOS Catalina<10.15.2

10.15.2

Apple Mojave

Apple High Sierra

tcpdump tcpdump<4.9.3

Apple iOS and macOS<10.15.2

Debian Debian Linux=8.0

Debian Debian Linux=9.0

Debian Debian Linux=10.0

Fedoraproject Fedora=29

Fedoraproject Fedora=30

Fedoraproject Fedora=31

openSUSE Leap=15.0

openSUSE Leap=15.1

redhat Enterprise Linux=7.0

redhat Enterprise Linux=8.0

F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0

F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0

F5 BIG-IQ Centralized Management=7.0.0

F5 BIG-IP Access Policy Manager>=11.6.0<=11.6.5

F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5

F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3

F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.2

F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1

F5 BIG-IP Advanced Firewall Manager>=11.6.0<=11.6.5

F5 BIG-IP Advanced Firewall Manager>=12.1.0<=12.1.5

F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.3

F5 BIG-IP Advanced Firewall Manager>=14.0.0<=14.1.2

F5 BIG-IP Advanced Firewall Manager>=15.0.0<=15.0.1

F5 BIG-IP Analytics>=11.6.0<=11.6.5

F5 BIG-IP Analytics>=12.1.0<=12.1.5

F5 BIG-IP Analytics>=13.1.0<=13.1.3

F5 BIG-IP Analytics>=14.0.0<=14.1.2

F5 BIG-IP Analytics>=15.0.0<=15.0.1

F5 Big-ip Application Acceleration Manager>=11.6.0<=11.6.5

F5 Big-ip Application Acceleration Manager>=12.1.0<=12.1.5

F5 Big-ip Application Acceleration Manager>=13.1.0<=13.1.3

F5 Big-ip Application Acceleration Manager>=14.0.0<=14.1.2

F5 Big-ip Application Acceleration Manager>=15.0.0<=15.0.1

F5 BIG-IP Application Security Manager>=11.6.0<=11.6.5

F5 BIG-IP Application Security Manager>=12.1.0<=12.1.5

F5 BIG-IP Application Security Manager>=13.1.0<=13.1.3

F5 BIG-IP Application Security Manager>=14.0.0<=14.1.2

F5 BIG-IP Application Security Manager>=15.0.0<=15.0.1

F5 Big-ip Domain Name System>=11.6.0<=11.6.5

F5 Big-ip Domain Name System>=12.1.0<=12.1.5

F5 Big-ip Domain Name System>=13.1.0<=13.1.3

F5 Big-ip Domain Name System>=14.0.0<=14.1.2

F5 Big-ip Domain Name System>=15.0.0<=15.0.1

F5 BIG-IP Edge Gateway>=11.6.0<=11.6.5

F5 BIG-IP Edge Gateway>=12.1.0<=12.1.5

F5 BIG-IP Edge Gateway>=13.1.0<=13.1.3

F5 BIG-IP Edge Gateway>=14.0.0<=14.1.2

F5 BIG-IP Edge Gateway>=15.0.0<=15.0.1

F5 Big-ip Fraud Protection Service>=11.6.0<=11.6.5

F5 Big-ip Fraud Protection Service>=12.1.0<=12.1.5

F5 Big-ip Fraud Protection Service>=13.1.0<=13.1.3

F5 Big-ip Fraud Protection Service>=14.0.0<=14.1.2

F5 Big-ip Fraud Protection Service>=15.0.0<=15.0.1

F5 Big-ip Global Traffic Manager>=11.6.0<=11.6.5

F5 Big-ip Global Traffic Manager>=12.1.0<=12.1.5

F5 Big-ip Global Traffic Manager>=13.1.0<=13.1.3

F5 Big-ip Global Traffic Manager>=14.0.0<=14.1.2

F5 Big-ip Global Traffic Manager>=15.0.0<=15.0.1

F5 Big-ip Link Controller>=11.6.0<=11.6.5

F5 Big-ip Link Controller>=12.1.0<=12.1.5

F5 Big-ip Link Controller>=13.1.0<=13.1.3

F5 Big-ip Link Controller>=14.0.0<=14.1.2

F5 Big-ip Link Controller>=15.0.0<=15.0.1

F5 Big-ip Local Traffic Manager>=11.6.0<=11.6.5

F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.5

F5 Big-ip Local Traffic Manager>=13.1.0<=13.1.3

F5 Big-ip Local Traffic Manager>=14.0.0<=14.1.2

F5 Big-ip Local Traffic Manager>=15.0.0<=15.0.1

F5 Big-ip Policy Enforcement Manager>=11.6.0<=11.6.5

F5 Big-ip Policy Enforcement Manager>=12.1.0<=12.1.5

F5 Big-ip Policy Enforcement Manager>=13.1.0<=13.1.3

F5 Big-ip Policy Enforcement Manager>=14.0.0<=14.1.2

F5 Big-ip Policy Enforcement Manager>=15.0.0<=15.0.1

F5 Big-ip Webaccelerator>=11.6.0<=11.6.5

F5 Big-ip Webaccelerator>=12.1.0<=12.1.5

F5 Big-ip Webaccelerator>=13.1.0<=13.1.3

F5 Big-ip Webaccelerator>=14.0.0<=14.1.2

F5 Big-ip Webaccelerator>=15.0.0<=15.0.1

F5 Enterprise Manager=3.1.1

F5 iWorkflow=2.3.0

F5 Traffix Signaling Delivery Controller>=5.0.0<=5.1.0

Remediation

Patch Available

https://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b

Event History

Oct 3, 2019

CVE Published

via MITRE·03:27 PM

Data Sourced

via MITRE·03:27 PM

Description

Data Sourced

via NVD·04:15 PM

RemedyDescriptionSeverityWeaknessAffected Software

Jan 11, 2024

Data Sourced

via Launchpad·10:51 PM

Description

Sep 16, 2024

Data Sourced

via Ubuntu·01:56 AM

RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

HT210788

Frequently Asked Questions

What is the severity of CVE-2018-14468?

CVE-2018-14468 is classified as a high severity vulnerability due to its potential impact on systems using affected versions of tcpdump.

How do I fix CVE-2018-14468?

To fix CVE-2018-14468, you should update tcpdump to version 4.9.3 or later, and ensure your libpcap version is 1.9.1 or above.

What versions of tcpdump are affected by CVE-2018-14468?

Versions of tcpdump prior to 4.9.3 are affected by CVE-2018-14468 due to the buffer over-read issue.

Which operating systems are vulnerable to CVE-2018-14468?

CVE-2018-14468 affects various operating systems, including Apple macOS Catalina, Mojave, High Sierra, and specific versions of Debian and Fedora.

What type of vulnerability is CVE-2018-14468?

CVE-2018-14468 is categorized as a buffer over-read vulnerability in the FRF.16 parser of tcpdump.

CVE-2018-14468: High severity macos catalina vulnerability

Other sources

Credit

Affected Software

Remediation

Patch Available

Event History

Parent advisories

Peer vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2018-14468?

How do I fix CVE-2018-14468?

What versions of tcpdump are affected by CVE-2018-14468?

Which operating systems are vulnerable to CVE-2018-14468?

What type of vulnerability is CVE-2018-14468?

Company

Resources

Contact