Red Hat Product Errata RHSA-2024:0571 - Security Advisory
Issued:
2024-01-30
Updated:
2024-01-30

RHSA-2024:0571 - Security Advisory

Synopsis

Moderate: tcpdump security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tcpdump is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.

Security Fix(es):

  • tcpslice: use-after-free in extract_slice() (CVE-2021-41043)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2040392 - CVE-2021-41043 tcpslice: use-after-free in extract_slice()

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
x86_64
tcpdump-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: 38380c6880e50493ea2c9c2c9d4f84accbc34ea9e6322d96887658a52274999e
tcpdump-debuginfo-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: 7fe4ab6df585e4f47d05dd8a0101b4d28bd0a12785b9e1cb18ca2e48b729fe1c
tcpdump-debugsource-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: a1e2adfcbbab92a0a360f1b62cfa2f5d32d7980db3f7b655c898e22e051cb450

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
s390x
tcpdump-4.9.3-3.el8_8.1.s390x.rpm SHA-256: ac8f94adb32d2cd696bae96494da75e646ec4d31de8e7ed9af21963e056fd671
tcpdump-debuginfo-4.9.3-3.el8_8.1.s390x.rpm SHA-256: d0e6b66a235fafda480bbee2f1e74828c4504fe12a1eeabf04ebed8b26d29498
tcpdump-debugsource-4.9.3-3.el8_8.1.s390x.rpm SHA-256: 8886eb2f0fe8adc4e27c1c40af9bc50bbe1a46477d9135eedcb1a2634a002882

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
ppc64le
tcpdump-4.9.3-3.el8_8.1.ppc64le.rpm SHA-256: e183d1e8c04fc19101676cd34a048727e7078731ae5a2ad1b56f8054a265dee7
tcpdump-debuginfo-4.9.3-3.el8_8.1.ppc64le.rpm SHA-256: 41ba556733c4c267fede3651f83823e11e459082feeb2bde2a1111b780b0d9c7
tcpdump-debugsource-4.9.3-3.el8_8.1.ppc64le.rpm SHA-256: c8b710641565ba142299565642fa20704f20382c2cda961d8b6e16492ec5dcdd

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
x86_64
tcpdump-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: 38380c6880e50493ea2c9c2c9d4f84accbc34ea9e6322d96887658a52274999e
tcpdump-debuginfo-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: 7fe4ab6df585e4f47d05dd8a0101b4d28bd0a12785b9e1cb18ca2e48b729fe1c
tcpdump-debugsource-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: a1e2adfcbbab92a0a360f1b62cfa2f5d32d7980db3f7b655c898e22e051cb450

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
aarch64
tcpdump-4.9.3-3.el8_8.1.aarch64.rpm SHA-256: 3fdc6499d1c44c016109ea775d689982137cea3303b9e76f110eda0264ec9d6b
tcpdump-debuginfo-4.9.3-3.el8_8.1.aarch64.rpm SHA-256: 10cbaa7fbd5ec4735c30fe595797df3025b55b5588345f6b3779e5f9d913994f
tcpdump-debugsource-4.9.3-3.el8_8.1.aarch64.rpm SHA-256: 6a47b4f2ef5b0eb897960922bfe32fda759559c853cb002f1e57b22d36db20e9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
ppc64le
tcpdump-4.9.3-3.el8_8.1.ppc64le.rpm SHA-256: e183d1e8c04fc19101676cd34a048727e7078731ae5a2ad1b56f8054a265dee7
tcpdump-debuginfo-4.9.3-3.el8_8.1.ppc64le.rpm SHA-256: 41ba556733c4c267fede3651f83823e11e459082feeb2bde2a1111b780b0d9c7
tcpdump-debugsource-4.9.3-3.el8_8.1.ppc64le.rpm SHA-256: c8b710641565ba142299565642fa20704f20382c2cda961d8b6e16492ec5dcdd

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
tcpdump-4.9.3-3.el8_8.1.src.rpm SHA-256: 913c5738c6723e33eb7cb62f6322610a2d150b532ab160cea5bcb70e95231526
x86_64
tcpdump-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: 38380c6880e50493ea2c9c2c9d4f84accbc34ea9e6322d96887658a52274999e
tcpdump-debuginfo-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: 7fe4ab6df585e4f47d05dd8a0101b4d28bd0a12785b9e1cb18ca2e48b729fe1c
tcpdump-debugsource-4.9.3-3.el8_8.1.x86_64.rpm SHA-256: a1e2adfcbbab92a0a360f1b62cfa2f5d32d7980db3f7b655c898e22e051cb450

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.