CVE-2024-2397

Name	CVE-2024-2397
Description	Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
tcpdump (PTS)	bullseye	4.99.0-2+deb11u1	fixed
	bookworm	4.99.3-1	fixed
	forky, sid, trixie	4.99.5-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
tcpdump	source	(unstable)	(not affected)

Notes

- tcpdump <not-affected> (Vulnerable code not present in any version uploaded to Debian)
Introduced by: https://github.com/the-tcpdump-group/tcpdump/commit/0d4083ee8687a9f6578e26a1407bd9f2a9d27885
Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2