{"id":"CVE-2023-1801","details":"The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.","modified":"2026-05-30T23:20:32.800457Z","published":"2023-04-07T20:40:55.540Z","related":["openSUSE-SU-2024:12850-1"],"database_specific":{"cna_assigner":"Tcpdump","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1801.json","cwe_ids":["CWE-787"]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/"},{"type":"WEB","url":"https://support.apple.com/kb/HT213844"},{"type":"WEB","url":"https://support.apple.com/kb/HT213845"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1801.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1801"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"fixed":"7578e1c04ee280dda50c4c2813e7d55f539c6501"}]}],"versions":["tcpdump-4.99.0-bp","tcpdump-4.99-bp","tcpdump-4.9.0-bp","tcpdump-4.7.0-bp","tcpdump-4.6.0-bp","tcpdump-4.6.0","tcpdump-4.5.0","tcpdump-3.8-bp","tcpdump-3.7.1","tcpdump-3.6.1","tcpdump-3.5.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1801.json","vanir_signatures_modified":"2026-05-30T23:20:32Z","vanir_signatures":[{"signature_version":"v1","id":"CVE-2023-1801-0163d869","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["38166190730075331128193528925579143781","168825706963812953918177061392525093351","154529819081921324930079689408156427500","169432206782081838228774722271845417805","140748461773654319295140929140406127548","45667429073400835866892217150934645183","336587680564699092381582966922599398149","73327962744967703344598817326534348167","317342740848087171310974701482035687361","118319896687573129361196689392244246198","52277949776093132984811621595846967596","16196727072384311056493447191465447130","190438672933571614919695044145852454050","92692957142679483624658363014599229375"],"threshold":0.9},"deprecated":false,"target":{"file":"print-ahcp.c"}},{"signature_version":"v1","id":"CVE-2023-1801-0850ff6b","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["127889288938720217508818710491137221581","92212800661520330227828817013254558620","301565887821638015943433179896091153701","202155449803170102725726232383091278453","240792611377169843020034876546449366183","276925095927882301358321037515473616964","303478832044192588645401246795869850934","163550766924311089651498327945849111405","91181178237218589362046127588153570329","62202623672765388642867458434501792860","209620206528380569600317264323062481924","153167064193834045086369142025288803879","138391408527818796250087165375096230121","148172595535577638324981505714178681968","172310726803749992791619757613096828562","68756405419257073485419641196691234188","156363416428307140635001572433183573858","213298064368798221929904056598409809547","310842455381502257804807049250305939734"],"threshold":0.9},"deprecated":false,"target":{"file":"smbutil.c"}},{"signature_version":"v1","id":"CVE-2023-1801-14e90ed1","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":488,"function_hash":"264518731817915874712605143073029240108"},"deprecated":false,"target":{"function":"ahcp_time_print","file":"print-ahcp.c"}},{"signature_version":"v1","id":"CVE-2023-1801-160b8007","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":6330,"function_hash":"248105154805577752665518646649436548764"},"deprecated":false,"target":{"function":"smb_fdata1","file":"smbutil.c"}},{"signature_version":"v1","id":"CVE-2023-1801-38637148","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["140897801379088527852991405717432726629","179804202025958251723513483751715987021","48088546743909713184852160743798278773","8562518908083342803383291883283646625","319887562591263711034978616969799860296","32566127889175588856234148848027249688","225078555149340459522256336842407373734","293053542008281682699157048701217984812"],"threshold":0.9},"deprecated":false,"target":{"file":"tcpdump.c"}},{"signature_version":"v1","id":"CVE-2023-1801-4b48e2f8","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["190912635528595448085804738584339830434","249511027014600982126347518648183406963","13970615891781316613645847458669763367"],"threshold":0.9},"deprecated":false,"target":{"file":"netdissect.h"}},{"signature_version":"v1","id":"CVE-2023-1801-7fc07776","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":675,"function_hash":"87228379212046453617435353857476669780"},"deprecated":false,"target":{"function":"MakeFilename","file":"tcpdump.c"}},{"signature_version":"v1","id":"CVE-2023-1801-81d36198","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["3025699069882131222630385708257604059","158092168991993657967551466056536300402","312499652415948881011090791506220901046","288221203263894075682973356363822796850","133143739180726943269334442645669021844","235121957364493335804391251579080934639","42780426909605534849573279516186112915","3086787425047912681894677058680507805","18157704034547605946789646066643894156","31215320042498407792812243180091976890","214601360911616430014007813950824750931","14393612077373528863502942757432819851","315347921426282093290332829403220425464","250393307386732972295406463263597127520","217909708369677359249896926977974271048","159473541280443511028431009420385235938","256516457127754732961476295049188927714"],"threshold":0.9},"deprecated":false,"target":{"file":"print-arista.c"}},{"signature_version":"v1","id":"CVE-2023-1801-856fe608","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":609,"function_hash":"240382926039499611604831510936039809022"},"deprecated":false,"target":{"function":"ts_date_hmsfrac_print","file":"util-print.c"}},{"signature_version":"v1","id":"CVE-2023-1801-8c257aae","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":422,"function_hash":"234215932135695605367945633237563356718"},"deprecated":false,"target":{"function":"arista_print_date_hms_time","file":"print-arista.c"}},{"signature_version":"v1","id":"CVE-2023-1801-aa57dfb0","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":539,"function_hash":"66262855289905090106367202767222706898"},"deprecated":false,"target":{"function":"zep_print_ts","file":"print-zep.c"}},{"signature_version":"v1","id":"CVE-2023-1801-b2f32a9d","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["274940642164127014545674655839669367834","307671079338547099670473521588993027621","4863733507224291562843201542887630856","36884561544676943806692641471982988293","261405865500119518075401908141940064406","102187719079539079341209584005396423530","225434594149673312519931506948024741953","335832813626454907916078186228515974079"],"threshold":0.9},"deprecated":false,"target":{"file":"print-rx.c"}},{"signature_version":"v1","id":"CVE-2023-1801-c22fdc9d","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["320526548436957173476256213141663970515","201253953848983808836326751985570983465","4905736082359368029727334114719130692","257384078373760336747727725899020509835","66149186013672562918077915698558389361","113756945136654110200093074442221035521","223328766115502049158938051994966137064","53622313245188351684470417796261253010","233918658138393756266912513218613901851","86277792989672807565505704523284166348","34376539954050678276547472787812225080","184949443414921032807588705370017071643","270309022975233526019272541297562370947","236514609565586096269240145177284178365","30048303502732750825761852349078711077","209896139422400217118246328695335281418","237147067403269317310231658566366987447","303282619747314000130580599146009433866"],"threshold":0.9},"deprecated":false,"target":{"file":"util-print.c"}},{"signature_version":"v1","id":"CVE-2023-1801-d8a57ccc","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["143938871045167484748032565504388812769","296836794633867839820181092011739294606","332455664294566148314215790883718924379","278605223388590917120074959625822873188","56434951330780129877599354947636511348","100227879603144927812160342541957523341","300149405149464093249920724493944207209","219846900367451355971460189668587138615"],"threshold":0.9},"deprecated":false,"target":{"file":"print-zep.c"}},{"signature_version":"v1","id":"CVE-2023-1801-f36cc779","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Function","digest":{"length":708,"function_hash":"192256749831768278341054317298688661739"},"deprecated":false,"target":{"function":"p_ntp_time","file":"ntp.c"}},{"signature_version":"v1","id":"CVE-2023-1801-f7aeb07a","source":"https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501","signature_type":"Line","digest":{"line_hashes":["271905706437759834729282842433663055212","269083036896023633629749062134035658881","6128231736010748622636733859937841501","44988561282671440089022532600932072332","34868211505718978609246929349911398270","194634347781286732830962687235819470883","18006443207034470003280390550675576212","283182593454653801153047338587563241329","110467899188472775036274702521582274070","325749185322442935875954402589244088579","153697582222490744848254159031255900210","97128102410865148458804988307689063635","185689817678124849533705652884934931014","19402697729401875439105892412649477720","304753121749517853193859268462988220147","108587633537507210242609878158511307392"],"threshold":0.9},"deprecated":false,"target":{"file":"ntp.c"}}]}}],"schema_version":"1.7.5"}