ArchLinux: 201905-5: tcpreplay: multiple issues

    Date07 May 2019
    CategoryArchLinux
    774
    Posted ByLinuxSecurity Advisories
    The package tcpreplay before version 4.3.2-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.
    Arch Linux Security Advisory ASA-201905-5
    =========================================
    
    Severity: High
    Date    : 2019-05-06
    CVE-ID  : CVE-2019-8376 CVE-2019-8377 CVE-2019-8381
    Package : tcpreplay
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-902
    
    Summary
    =======
    
    The package tcpreplay before version 4.3.2-1 is vulnerable to multiple
    issues including arbitrary code execution and denial of service.
    
    Resolution
    ==========
    
    Upgrade to 4.3.2-1.
    
    # pacman -Syu "tcpreplay>=4.3.2-1"
    
    The problems have been fixed upstream in version 4.3.2.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2019-8376 (denial of service)
    
    An issue was discovered in tcpreplay 4.3.1. A NULL pointer dereference
    occurred in the function get_layer4_v6() located at get.c. This can be
    triggered by sending a crafted pcap file to the tcpreplay-edit binary.
    It allows an attacker to cause a Denial of Service (Segmentation fault)
    or possibly have unspecified other impact.
    
    - CVE-2019-8377 (denial of service)
    
    An issue was discovered in tcpreplay 4.3.1. A NULL pointer dereference
    occurred in the function get_ipv6_l4proto() located at get.c. This can
    be triggered by sending a crafted pcap file to the tcpreplay-edit
    binary. It allows an attacker to cause a Denial of Service
    (Segmentation fault) or possibly have unspecified other impact.
    
    - CVE-2019-8381 (arbitrary code execution)
    
    An issue was discovered in tcpreplay 4.3.1. An invalid memory access
    occurs in do_checksum in checksum.c. It can be triggered by sending a
    crafted pcap file to the tcpreplay-edit binary. It allows an attacker
    to cause a Denial of Service (Segmentation fault) or possibly have
    unspecified other impact.
    
    Impact
    ======
    
    A remote attacker is able to cause a denial of service, or execute
    arbitrary code, with a specially crafted pcap file.
    
    References
    ==========
    
    https://github.com/appneta/tcpreplay/issues/537
    https://research.loginsoft.com/vulnerability/null-pointer-dereference-vulnerability-in-function-get_layer4_v6-tcpreplay-4-3-1/
    https://github.com/appneta/tcpreplay/issues/536
    https://research.loginsoft.com/vulnerability/null-pointer-dereference-vulnerability-in-function-get_ipv6_l4proto-tcpreplay-4-3-1/
    https://research.loginsoft.com/bugs/invalid-memory-access-vulnerability-in-function-do_checksum-tcpreplay-4-3-1/
    https://github.com/appneta/tcpreplay/issues/538
    https://github.com/appneta/tcpreplay/pull/548/commits/dae97cbafc5c06ebbc6b34e76ba614104f1b73e1
    https://security.archlinux.org/CVE-2019-8376
    https://security.archlinux.org/CVE-2019-8377
    https://security.archlinux.org/CVE-2019-8381
    
    You are not authorised to post comments.

    LinuxSecurity Poll

    What is your favorite LinuxSecurity.com feature?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    17
    radio
    [{"id":"65","title":"Feature articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"66","title":"News","votes":"1","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"67","title":"HOWTOs","votes":"2","type":"x","order":"3","pct":66.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.