| 1 |
type: security |
| 2 |
subject: Updated tcpreplay packages fixes security vulnerabilities |
| 3 |
CVE: |
| 4 |
- CVE-2019-8376 |
| 5 |
- CVE-2019-8377 |
| 6 |
- CVE-2019-8381 |
| 7 |
src: |
| 8 |
6: |
| 9 |
core: |
| 10 |
- tcpreplay-4.3.2-1.mga6 |
| 11 |
description: | |
| 12 |
pdated tcpreplay package fixes security vulnerabilities: |
| 13 |
|
| 14 |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
| 15 |
occurred in the function get_layer4_v6() located at get.c. This can be |
| 16 |
triggered by sending a crafted pcap file to the tcpreplay-edit binary. |
| 17 |
It allows an attacker to cause a Denial of Service (Segmentation fault) |
| 18 |
or possibly have unspecified other impact (CVE-2019-8376). |
| 19 |
|
| 20 |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
| 21 |
occurred in the function get_ipv6_l4proto() located at get.c. This can be |
| 22 |
triggered by sending a crafted pcap file to the tcpreplay-edit binary. It |
| 23 |
allows an attacker to cause a Denial of Service (Segmentation fault) or |
| 24 |
possibly have unspecified other impact (CVE-2019-8377). |
| 25 |
|
| 26 |
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs |
| 27 |
in do_checksum in checksum.c. It can be triggered by sending a crafted pcap |
| 28 |
file to the tcpreplay-edit binary. It allows an attacker to cause a Denial |
| 29 |
of Service (Segmentation fault) or possibly have unspecified other impact |
| 30 |
(CVE-2019-8381). |
| 31 |
references: |
| 32 |
- https://bugs.mageia.org/show_bug.cgi?id=24581 |
| 33 |
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/ |
Parent Directory
| 
Revision Log