Upstream information

CVE-2018-18409 at MITRE


A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1112356

No SUSE Security Announcements cross referenced.