CVE-2024-8006
MEDIUM EPSS 12.4%
Published Aug 31, 20241y ago · Modified Jun 17, 20262w ago
4.4 CVSS 3.1
Published Aug 31, 2024 1y ago
Last Modified Jun 17, 2026 2w ago
Description
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
12.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| tcpdump | libpcap | * | <1.10.5 |
References 2
- github.com https://github.com/the-tcpdump-group/libpcap/commit/0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29
- github.com https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6
Remediation
- github.com https://github.com/the-tcpdump-group/libpcap/commit/0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29
- github.com https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6