Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tcpdump | Redhat | 3.9.6 | 3.9.6 |
| Tcpdump | Redhat | 3.9.7 | 3.9.7 |
| Tcpdump | Redhat | 3.9.8 | 3.9.8 |
| Tcpdump | Redhat | 4.0.0 | 4.0.0 |
| Tcpdump | Redhat | 4.1.0 | 4.1.0 |
| Tcpdump | Redhat | 4.1.1 | 4.1.1 |
| Tcpdump | Redhat | 4.1.2 | 4.1.2 |
| Tcpdump | Redhat | 4.2.1 | 4.2.1 |
| Tcpdump | Redhat | 4.3.0 | 4.3.0 |
| Tcpdump | Redhat | 4.3.1 | 4.3.1 |
| Tcpdump | Redhat | 4.4.0 | 4.4.0 |
| Tcpdump | Redhat | 4.5.0 | 4.5.0 |
| Tcpdump | Redhat | 4.5.1 | 4.5.1 |
| Tcpdump | Redhat | 4.5.2 | 4.5.2 |
| Tcpdump | Redhat | 4.6.0 | 4.6.0 |
| Tcpdump | Redhat | 4.6.1 | 4.6.1 |
| Tcpdump | Redhat | 4.6.2 | 4.6.2 |