{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2023-1801",
        "assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
        "state": "PUBLISHED",
        "assignerShortName": "Tcpdump",
        "dateReserved": "2023-04-02T11:09:43.663Z",
        "datePublished": "2023-04-07T20:40:55.540Z",
        "dateUpdated": "2024-08-02T06:05:25.518Z"
    },
    "containers": {
        "cna": {
            "providerMetadata": {
                "orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
                "shortName": "Tcpdump",
                "dateUpdated": "2023-04-07T20:40:55.540Z"
            },
            "descriptions": [
                {
                    "lang": "en",
                    "value": "The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet."
                }
            ],
            "affected": [
                {
                    "vendor": "The Tcpdump Group",
                    "product": "tcpdump",
                    "programRoutines": [
                        {
                            "name": "smb_fdata1()"
                        }
                    ],
                    "versions": [
                        {
                            "version": "4.99.3",
                            "status": "affected"
                        }
                    ],
                    "defaultStatus": "unaffected"
                }
            ],
            "references": [
                {
                    "url": "https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501",
                    "tags": [
                        "patch"
                    ]
                },
                {
                    "url": "https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc",
                    "tags": [
                        "patch"
                    ]
                },
                {
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/"
                },
                {
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/"
                },
                {
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/"
                },
                {
                    "url": "https://support.apple.com/kb/HT213844"
                },
                {
                    "url": "https://support.apple.com/kb/HT213845"
                }
            ],
            "problemTypes": [
                {
                    "descriptions": [
                        {
                            "lang": "en",
                            "description": "out-of-bounds write",
                            "type": "CWE",
                            "cweId": "CWE-787"
                        }
                    ]
                }
            ],
            "configurations": [
                {
                    "lang": "en",
                    "value": "This vulnerability applies only to tcpdump binaries that were compiled with the SMB printer explicitly enabled. The SMB printer compilation is disabled by default."
                }
            ],
            "workarounds": [
                {
                    "lang": "en",
                    "value": "Do not enable the SMB printer when building tcpdump 4.99.3."
                }
            ],
            "solutions": [
                {
                    "lang": "en",
                    "value": "If using tcpdump 4.99.3, upgrade to 4.99.4."
                }
            ]
        },
        "adp": [
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-02T06:05:25.518Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501",
                        "tags": [
                            "patch",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc",
                        "tags": [
                            "patch",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://support.apple.com/kb/HT213844",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://support.apple.com/kb/HT213845",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            }
        ]
    }
}