CVE-2018-14938 : An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha.

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory (or a denial of service).

Published 2018-08-05 03:29:00

Updated 2020-11-29 02:15:11

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Products affected by CVE-2018-14938

Canonical » Ubuntu Linux » Version: 16.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.10
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Matching versions
Digitalcorpora » Tcpflow
Versions up to, including, (<=) 1.4.5
cpe:2.3:a:digitalcorpora:tcpflow:*:*:*:*:*:*:*:*
Matching versions
Digitalcorpora » Tcpflow » Version: 1.5.0 Update Alpha
cpe:2.3:a:digitalcorpora:tcpflow:1.5.0:alpha:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2018-14938

EPSS FAQ

0.51%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 65 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-14938

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:P	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial
9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H	3.9	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: High

CWE ids for CVE-2018-14938

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-14938

https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb

fixed buffer overflow · simsong/tcpflow@a4e1cd1 · GitHub
Patch;Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00046.html

[SECURITY] [DLA 2468-1] tcpflow security update
https://github.com/simsong/tcpflow/issues/182

A integer overflow vulnerability in wifipacp.cpp · Issue #182 · simsong/tcpflow · GitHub
Exploit;Third Party Advisory
https://usn.ubuntu.com/3955-1/

USN-3955-1: tcpflow vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2018-14938

Products affected by CVE-2018-14938

Exploit prediction scoring system (EPSS) score for CVE-2018-14938

CVSS scores for CVE-2018-14938

CWE ids for CVE-2018-14938

References for CVE-2018-14938