Описание
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tcpreplay | fixed | 4.5.1-1 | package |
Примечания
https://github.com/appneta/tcpreplay/issues/813
https://github.com/appneta/tcpreplay/pull/855
https://github.com/appneta/tcpreplay/pull/866
https://github.com/appneta/tcpreplay/commit/d00951bca056cd50c3e85d1ce8a66ae68be15710 (v4.5.0-beta1)
https://github.com/appneta/tcpreplay/commit/84dee5ed840d3ee6aa395d4bd8cc5dcb06484ebe (v4.5.0-beta1)
Crash in CLI tool, no security impact
EPSS
Связанные уязвимости
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.
EPSS