| 1 |
tmb |
8492 |
type: security |
| 2 |
|
|
subject: Updated tcpreplay packages fixes security vulnerabilities |
| 3 |
|
|
CVE: |
| 4 |
|
|
- CVE-2019-8376 |
| 5 |
|
|
- CVE-2019-8377 |
| 6 |
|
|
- CVE-2019-8381 |
| 7 |
|
|
src: |
| 8 |
|
|
6: |
| 9 |
|
|
core: |
| 10 |
|
|
- tcpreplay-4.3.2-1.mga6 |
| 11 |
|
|
description: | |
| 12 |
tmb |
8512 |
Updated tcpreplay package fixes security vulnerabilities: |
| 13 |
tmb |
8492 |
|
| 14 |
|
|
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
| 15 |
|
|
occurred in the function get_layer4_v6() located at get.c. This can be |
| 16 |
|
|
triggered by sending a crafted pcap file to the tcpreplay-edit binary. |
| 17 |
|
|
It allows an attacker to cause a Denial of Service (Segmentation fault) |
| 18 |
|
|
or possibly have unspecified other impact (CVE-2019-8376). |
| 19 |
|
|
|
| 20 |
|
|
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
| 21 |
|
|
occurred in the function get_ipv6_l4proto() located at get.c. This can be |
| 22 |
|
|
triggered by sending a crafted pcap file to the tcpreplay-edit binary. It |
| 23 |
|
|
allows an attacker to cause a Denial of Service (Segmentation fault) or |
| 24 |
|
|
possibly have unspecified other impact (CVE-2019-8377). |
| 25 |
|
|
|
| 26 |
|
|
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs |
| 27 |
|
|
in do_checksum in checksum.c. It can be triggered by sending a crafted pcap |
| 28 |
|
|
file to the tcpreplay-edit binary. It allows an attacker to cause a Denial |
| 29 |
|
|
of Service (Segmentation fault) or possibly have unspecified other impact |
| 30 |
|
|
(CVE-2019-8381). |
| 31 |
|
|
references: |
| 32 |
|
|
- https://bugs.mageia.org/show_bug.cgi?id=24581 |
| 33 |
|
|
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/ |
Parent Directory
| 
Revision Log