CVE-2017-13689
Description
Buffer over-read in tcpdump's IKEv1 parser allows denial of service or potential code execution via crafted packets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer over-read in tcpdump's IKEv1 parser allows denial of service or potential code execution via crafted packets.
Vulnerability
The vulnerability is a buffer over-read in the IKEv1 parser of tcpdump versions prior to 4.9.2. It resides in the ikev1_id_print() function in print-isakmp.c. For the IPSECDOI_ID_IPV6_ADDR_SUBNET type, the length check was insufficient (checked < 20 instead of < 32), allowing an over-read when processing crafted ISAKMP packets. [3]
Exploitation
An attacker can exploit this by sending a specially crafted IKEv1 packet to a system running tcpdump. No authentication is required; the attacker only needs network access. The target must be capturing or monitoring traffic. The over-read occurs when the identifier data length is less than expected. [3][4]
Impact
Successful exploitation can cause a denial of service (crash) or potentially lead to arbitrary code execution in the context of the tcpdump process. [4] The over-read may also leak sensitive memory contents. [2]
Mitigation
The vulnerability is fixed in tcpdump version 4.9.2. [3] Users should upgrade to this version or later. Red Hat provides updated packages [2], and Gentoo recommends upgrading to >=net-analyzer/tcpdump-4.9.2. [4] No workarounds are known.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
11- osv-coords10 versionspkg:rpm/opensuse/tcpdump&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 4.99.1-1.2+ 9 more
- (no CPE)range: < 4.99.1-1.2
- (no CPE)range: < 4.9.2-14.5.1
- (no CPE)range: < 4.9.2-14.5.1
- (no CPE)range: < 3.9.8-1.30.13.1
- (no CPE)range: < 3.9.8-1.30.13.1
- (no CPE)range: < 4.9.2-14.5.1
- (no CPE)range: < 4.9.2-14.5.1
- (no CPE)range: < 4.9.2-14.5.1
- (no CPE)range: < 4.9.2-14.5.1
- (no CPE)range: < 4.9.2-14.5.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/the-tcpdump-group/tcpdump/commit/061e7371a944588f231cb1b66d6fb070b646e376nvdIssue TrackingPatchThird Party Advisory
- www.securitytracker.com/id/1039307nvdThird Party AdvisoryVDB Entry
- www.tcpdump.org/tcpdump-changes.txtnvdVendor Advisory
- www.debian.org/security/2017/dsa-3971nvd
- access.redhat.com/errata/RHEA-2018:0705nvd
- security.gentoo.org/glsa/201709-23nvd
- support.apple.com/HT208221nvd
News mentions
0No linked articles in our index yet.