Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 38: 2024-b3b2a95168 Critical: tcpreplay Network Tool Fix

fedora
Calendar Grey March 24, 2024
Dist Fedora Esm H88
The latest enhancement for Fedora's tcpreplay addresses vulnerabilities CVE-2023-4256 and CVE-2023-43279, optimizing the performance of network traffic replay.
Patch CVE-2023-4256 and CVE-2023-43279

Summary

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay

supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep

a tool to pre-process capture files to allow increased performance under

certain conditions as well as capinfo which provides basic information about

capture files.

Update Information:

Patch CVE-2023-4256 and CVE-2023-43279

Topics%20covered

Topics Covered

security advisory Fedora critical patch network tool tcpreplay CVE patch

Change Log

* Sat Mar 16 2024 Bojan Smojver - 4.4.1-5 - Patch CVE-2023-4256 * Sat Mar 16 2024 Bojan Smojver - 4.4.1-4 - Patch CVE-2023-43279 * Sat Jan 27 2024 Fedora Release Engineering - 4.4.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sat Jul 22 2023 Fedora Release Engineering - 4.4.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References


[ 1 ] Bug #2255213 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2255213 [ 2 ] Bug #2255214 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2255214 [ 3 ] Bug #2269309 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2269309 [ 4 ] Bug #2269310 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2269310

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-b3b2a95168' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tcpreplay
Product: Fedora 38
Version: 4.4.4
Release: 5.fc38
URL: http://tcpreplay.appneta.com/
Summary: Replay captured network traffic

Topics%20covered

Topics Covered

security advisory Fedora critical patch network tool tcpreplay CVE patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here