{"id":"CVE-2017-12997","details":"The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().","modified":"2026-04-16T01:43:36.504994537Z","published":"2017-09-14T06:29:00.997Z","related":["SUSE-SU-2017:2854-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/100914"},{"type":"WEB","url":"http://www.securitytracker.com/id/1039307"},{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"ADVISORY","url":"https://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"REPORT","url":"https://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"fixed":"34cec721d39c76be1e0a600829a7b17bdfb832b6"}]}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0-bp"],"database_specific":{"vanir_signatures":[{"digest":{"length":5871,"function_hash":"1885717028255664028988507052205420652"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6","deprecated":false,"signature_type":"Function","signature_version":"v1","target":{"function":"lldp_private_8021_print","file":"print-lldp.c"},"id":"CVE-2017-12997-58ea8a65"},{"digest":{"line_hashes":["74544335452402900651937902790664826624","162434760775406061849094769297440321055","235121720973665958348604678502699247504","142543695188466190577486799355006657278","295400370259204944089056546972592272984","150842100437704287684774663276946911020","166407419649807776275491154886288005496","311871776310507690437950924185119220620","46000881761558309334053379414877950803","79061019225880693557119226300733005865"],"threshold":0.9},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6","deprecated":false,"signature_type":"Line","signature_version":"v1","target":{"file":"print-lldp.c"},"id":"CVE-2017-12997-a06a8984"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12997.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}