1 |
type: security |
2 |
subject: Updated tcpreplay packages fixes security vulnerabilities |
3 |
CVE: |
4 |
- CVE-2019-8376 |
5 |
- CVE-2019-8377 |
6 |
- CVE-2019-8381 |
7 |
src: |
8 |
6: |
9 |
core: |
10 |
- tcpreplay-4.3.2-1.mga6 |
11 |
description: | |
12 |
pdated tcpreplay package fixes security vulnerabilities: |
13 |
|
14 |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
15 |
occurred in the function get_layer4_v6() located at get.c. This can be |
16 |
triggered by sending a crafted pcap file to the tcpreplay-edit binary. |
17 |
It allows an attacker to cause a Denial of Service (Segmentation fault) |
18 |
or possibly have unspecified other impact (CVE-2019-8376). |
19 |
|
20 |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference |
21 |
occurred in the function get_ipv6_l4proto() located at get.c. This can be |
22 |
triggered by sending a crafted pcap file to the tcpreplay-edit binary. It |
23 |
allows an attacker to cause a Denial of Service (Segmentation fault) or |
24 |
possibly have unspecified other impact (CVE-2019-8377). |
25 |
|
26 |
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs |
27 |
in do_checksum in checksum.c. It can be triggered by sending a crafted pcap |
28 |
file to the tcpreplay-edit binary. It allows an attacker to cause a Denial |
29 |
of Service (Segmentation fault) or possibly have unspecified other impact |
30 |
(CVE-2019-8381). |
31 |
references: |
32 |
- https://bugs.mageia.org/show_bug.cgi?id=24581 |
33 |
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/ |