CVE-2015-3138

Name: CVE-2015-3138
Creator: NVD / NIST
Published: 2017-09-28T01:29:00.56+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.28%

Last modified Jun 17, 2026

CVE-2015-3138 is a vulnerability of currently unknown severity. print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).. EPSS estimates a 2.28% chance of exploitation in the next 30 days.

Description

print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

Metrics

EPSS Probability

2.28%

80.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Tcpdump	Tcpdump	<= 4.7.3
Opensuse	Leap	42.2
Opensuse Project	Leap	42.1

References

http://lists.opensuse.org/opensuse-updates/2017-05/msg00018.htmlThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1212342Issue Tracking, Patch, Third Party Advisory
https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70Issue Tracking, Patch, Third Party Advisory
https://github.com/the-tcpdump-group/tcpdump/issues/446Issue Tracking, Patch, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2017-05/msg00018.htmlThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1212342Issue Tracking, Patch, Third Party Advisory
https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70Issue Tracking, Patch, Third Party Advisory
https://github.com/the-tcpdump-group/tcpdump/issues/446Issue Tracking, Patch, Third Party Advisory

Timeline

Published: Sep 28, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2015-3138?

print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

How severe is CVE-2015-3138?

Severity scoring for CVE-2015-3138 is pending analysis. The EPSS model estimates a 2.28% probability of exploitation in the next 30 days.

How do I fix CVE-2015-3138?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-3138?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST