tcpreplay-4.3.4-1.3 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11426 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z tcpreplay-4.3.4-1.3 on GA media These are all security issues fixed in the tcpreplay-4.3.4-1.3 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11426 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11426 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2017-6429/ SUSE CVE CVE-2017-6429 page https://www.suse.com/security/cve/CVE-2018-17580/ SUSE CVE CVE-2018-17580 page https://www.suse.com/security/cve/CVE-2018-17582/ SUSE CVE CVE-2018-17582 page https://www.suse.com/security/cve/CVE-2018-17974/ SUSE CVE CVE-2018-17974 page https://www.suse.com/security/cve/CVE-2018-18407/ SUSE CVE CVE-2018-18407 page https://www.suse.com/security/cve/CVE-2018-18408/ SUSE CVE CVE-2018-18408 page https://www.suse.com/security/cve/CVE-2019-8376/ SUSE CVE CVE-2019-8376 page https://www.suse.com/security/cve/CVE-2019-8377/ SUSE CVE CVE-2019-8377 page https://www.suse.com/security/cve/CVE-2019-8381/ SUSE CVE CVE-2019-8381 page https://www.suse.com/security/cve/CVE-2020-24265/ SUSE CVE CVE-2020-24265 page https://www.suse.com/security/cve/CVE-2020-24266/ SUSE CVE CVE-2020-24266 page openSUSE Tumbleweed tcpreplay-4.3.4-1.3 tcpreplay-4.3.4-1.3 as a component of openSUSE Tumbleweed Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. CVE-2017-6429 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-6429.html CVE-2017-6429 https://bugzilla.suse.com/1028234 SUSE Bug 1028234 A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. CVE-2018-17580 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17580.html CVE-2018-17580 https://bugzilla.suse.com/1110333 SUSE Bug 1110333 Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. CVE-2018-17582 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17582.html CVE-2018-17582 https://bugzilla.suse.com/1110285 SUSE Bug 1110285 An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. CVE-2018-17974 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17974.html CVE-2018-17974 https://bugzilla.suse.com/1110786 SUSE Bug 1110786 A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. CVE-2018-18407 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18407.html CVE-2018-18407 https://bugzilla.suse.com/1112355 SUSE Bug 1112355 A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. CVE-2018-18408 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18408.html CVE-2018-18408 https://bugzilla.suse.com/1112354 SUSE Bug 1112354 An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. CVE-2019-8376 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-8376.html CVE-2019-8376 https://bugzilla.suse.com/1125755 SUSE Bug 1125755 An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. CVE-2019-8377 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-8377.html CVE-2019-8377 https://bugzilla.suse.com/1125754 SUSE Bug 1125754 An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. CVE-2019-8381 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-8381.html CVE-2019-8381 https://bugzilla.suse.com/1125753 SUSE Bug 1125753 https://bugzilla.suse.com/1189837 SUSE Bug 1189837 An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service. CVE-2020-24265 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-24265.html CVE-2020-24265 An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service. CVE-2020-24266 openSUSE Tumbleweed:tcpreplay-4.3.4-1.3 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-24266.html CVE-2020-24266