1 |
tmb |
8492 |
type: security |
2 |
|
|
subject: Updated tcpreplay packages fixes security vulnerabilities |
3 |
|
|
CVE: |
4 |
|
|
- CVE-2019-8376 |
5 |
|
|
- CVE-2019-8377 |
6 |
|
|
- CVE-2019-8381 |
7 |
|
|
src: |
8 |
|
|
6: |
9 |
|
|
core: |
10 |
|
|
- tcpreplay-4.3.2-1.mga6 |
11 |
|
|
description: | |
12 |
tmb |
8512 |
Updated tcpreplay package fixes security vulnerabilities: |
13 |
tmb |
8492 |
|
14 |
|
|
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
15 |
|
|
occurred in the function get_layer4_v6() located at get.c. This can be |
16 |
|
|
triggered by sending a crafted pcap file to the tcpreplay-edit binary. |
17 |
|
|
It allows an attacker to cause a Denial of Service (Segmentation fault) |
18 |
|
|
or possibly have unspecified other impact (CVE-2019-8376). |
19 |
|
|
|
20 |
|
|
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
21 |
|
|
occurred in the function get_ipv6_l4proto() located at get.c. This can be |
22 |
|
|
triggered by sending a crafted pcap file to the tcpreplay-edit binary. It |
23 |
|
|
allows an attacker to cause a Denial of Service (Segmentation fault) or |
24 |
|
|
possibly have unspecified other impact (CVE-2019-8377). |
25 |
|
|
|
26 |
|
|
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs |
27 |
|
|
in do_checksum in checksum.c. It can be triggered by sending a crafted pcap |
28 |
|
|
file to the tcpreplay-edit binary. It allows an attacker to cause a Denial |
29 |
|
|
of Service (Segmentation fault) or possibly have unspecified other impact |
30 |
|
|
(CVE-2019-8381). |
31 |
|
|
references: |
32 |
|
|
- https://bugs.mageia.org/show_bug.cgi?id=24581 |
33 |
|
|
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/ |
34 |
tmb |
8519 |
ID: MGASA-2019-0158 |