CVE-2019-15167
Description
A missing bounds check in VRRPv3 packet parsing in tcpdump before 4.9.3 allows buffer over-read via a crafted packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing bounds check in VRRPv3 packet parsing in tcpdump before 4.9.3 allows buffer over-read via a crafted packet.
Vulnerability
A buffer over-read vulnerability exists in the VRRP (Virtual Router Redundancy Protocol) packet parser in tcpdump versions prior to 4.9.3. Specifically, the function vrrp_print() in print-vrrp.c lacks a necessary bounds check when processing VRRP version 3 advertisements, causing the parser to read beyond the allocated packet buffer. The issue is distinct from CVE-2018-14463, which affects a different part of the same parser. [1]
Exploitation
An attacker can exploit this vulnerability by crafting a malicious VRRPv3 packet with specially crafted header fields. The target system must be running a vulnerable version of tcpdump and have it actively capturing network traffic. When tcpdump processes the malicious packet, the missing bounds check in vrrp_print() results in a heap or stack buffer over-read. No authentication or special privileges are required to send the packet over the network. [1]
Impact
Successful exploitation leads to a buffer over-read, which may cause tcpdump to read memory beyond the packet buffer. This can result in information disclosure (exposure of adjacent memory contents) or a crash (denial of service). The vulnerability does not appear to enable remote code execution. [1]
Mitigation
The vulnerability is fixed in tcpdump version 4.9.3, released on November 14, 2019. Users should upgrade to this version or later. No workarounds are available; the only mitigation is to avoid running tcpdump on untrusted network traffic until patched. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
9- osv-coords7 versionspkg:rpm/opensuse/tcpdump&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/tcpdump&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/tcpdump&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 4.9.2-lp150.10.1+ 6 more
- (no CPE)range: < 4.9.2-lp150.10.1
- (no CPE)range: < 4.9.2-lp151.4.6.1
- (no CPE)range: < 4.99.1-1.2
- (no CPE)range: < 4.9.2-3.9.1
- (no CPE)range: < 4.9.2-3.9.1
- (no CPE)range: < 4.9.2-14.17.1
- (no CPE)range: < 4.9.2-14.17.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/the-tcpdump-group/tcpdump/commit/a152aebfd1114376ba266ed30416be596ef9d806mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.