Ryan Ackroyd

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.3 **Description** The issue is related to a buffer over-read in the print-802 11.c component of the tcpdump utility, specifically in the IEEE 802.11 parser for the Mesh Flags subfield. This can be exploited by a remote attacker to cause a denial of service. Additionally, there is a heap-based buffer over-read related to the aoe print function in print-aoe.c and the lookup emem function in addrtoname.c. **Recommendations** For versions prior to 4.9.3, update to version 4.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the tcpdump utility until a patch is applied. Avoid using the affected components, such as the print-802 11.c and print-aoe.c functions, until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.3 **Description** The issue is related to a buffer over-read in the `dccp print option()` function of the DCCP parser in tcpdump, which can be exploited by a remote attacker to cause a denial of service. The `dccp print option()` function, located in print-dccp.c, is vulnerable to a buffer over-read, allowing an attacker to potentially disrupt service. **Recommendations** For versions prior to 4.9.3, update to version 4.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `dccp print option()` function in print-dccp.c until a patch is available.