Описание
Security update for tcpreplay
This update for tcpreplay fixes the following issues:
Update to 4.4.4:
- overflow check fix for parse_mpls.
- tcpreplay-edit: prevent L2 flooding of ipv6 unicast packets.
- CVE-2023-27786: bugs caused by strtok_r. (boo#1209416)
- CVE-2023-27783 reachable assert in tcpedit_dlt_cleanup (boo#1209413)
- reachable assert in fast_edit_packet.
Список пакетов
SUSE Package Hub 15 SP4
tcpreplay-4.4.4-bp155.2.3.1
SUSE Package Hub 15 SP5
tcpreplay-4.4.4-bp155.2.3.1
openSUSE Leap 15.4
tcpreplay-4.4.4-bp155.2.3.1
openSUSE Leap 15.5
tcpreplay-4.4.4-bp155.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2023:0267-1
- SUSE Security Ratings
- SUSE Bug 1209413
- SUSE Bug 1209416
- SUSE CVE CVE-2023-27783 page
- SUSE CVE CVE-2023-27786 page
Описание
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.
Затронутые продукты
SUSE Package Hub 15 SP4:tcpreplay-4.4.4-bp155.2.3.1
SUSE Package Hub 15 SP5:tcpreplay-4.4.4-bp155.2.3.1
openSUSE Leap 15.4:tcpreplay-4.4.4-bp155.2.3.1
openSUSE Leap 15.5:tcpreplay-4.4.4-bp155.2.3.1
Ссылки
- CVE-2023-27783
- SUSE Bug 1209413
Описание
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
Затронутые продукты
SUSE Package Hub 15 SP4:tcpreplay-4.4.4-bp155.2.3.1
SUSE Package Hub 15 SP5:tcpreplay-4.4.4-bp155.2.3.1
openSUSE Leap 15.4:tcpreplay-4.4.4-bp155.2.3.1
openSUSE Leap 15.5:tcpreplay-4.4.4-bp155.2.3.1
Ссылки
- CVE-2023-27786
- SUSE Bug 1209416