Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 40: 2024-96903c39cb Moderate: Tcpreplay DoS and Memory Fix

fedora
Calendar Grey March 23, 2024
Dist Fedora Esm H88
Follow these steps to upgrade tcpreplay in Fedora 40, resolving critical vulnerabilities like null pointer dereference and double free errors for enhanced security
Patch CVE-2023-4256 and CVE-2023-43279

Summary

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay

supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep

a tool to pre-process capture files to allow increased performance under

certain conditions as well as capinfo which provides basic information about

capture files.

Update Information:

Patch CVE-2023-4256 and CVE-2023-43279

Topics%20covered

Topics Covered

security advisory denial of service Fedora null pointer double free tcpreplay

Change Log

* Sat Mar 16 2024 Bojan Smojver - 4.4.1-5 - Patch CVE-2023-4256 * Sat Mar 16 2024 Bojan Smojver - 4.4.1-4 - Patch CVE-2023-43279

References


[ 1 ] Bug #2255213 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2255213 [ 2 ] Bug #2255214 - CVE-2023-4256 tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2255214 [ 3 ] Bug #2269309 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2269309 [ 4 ] Bug #2269310 - CVE-2023-43279 tcpreplay: null pointer dereference in mask_cidr6 component at cidr.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2269310

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-96903c39cb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
important
Lowest
Low
Medium
High
Critical

Name: tcpreplay
Product: Fedora 40
Version: 4.4.4
Release: 5.fc40
URL: http://tcpreplay.appneta.com/
Summary: Replay captured network traffic

Topics%20covered

Topics Covered

security advisory denial of service Fedora null pointer double free tcpreplay

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here