Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia 8: MGASA-2023-0188 Critical: Tcpreplay Denial Of Service

mageia
Calendar Grey May 31, 2023
Dist Mageia Esm H88
Recent updates to tcpreplay packages in Mageia have addressed severe vulnerabilities that could lead to remote denial of service attacks.
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c

Summary

An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. (CVE-2023-27783)
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. (CVE-2023-27784)
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. (CVE-2023-27785)
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. (CVE-2023-27786)
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. (CVE-2023-27787)
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. (CVE-2023-27788)
An issue found in TCPprep v.4.4.3 allo...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=31926

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UE3J4LKYFNKPKNSLDQK4JG36THQMQH3V/

- https://www.cve.org/CVERecord?id=CVE-2023-27783

- https://www.cve.org/CVERecord?id=CVE-2023-27784

- https://www.cve.org/CVERecord?id=CVE-2023-27785

- https://www.cve.org/CVERecord?id=CVE-2023-27786

- https://www.cve.org/CVERecord?id=CVE-2023-27787

- https://www.cve.org/CVERecord?id=CVE-2023-27788

- https://www.cve.org/CVERecord?id=CVE-2023-27789

Topics%20covered

Topics Covered

security advisory denial of service remote attack Mageia tcpreplay tcprewrite tcpedit

Resolution

SRPMS

- 8/core/tcpreplay-4.4.2-1.1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 31 May 2023
URL: https://advisories.mageia.org/MGASA-2023-0188.html
Type: security
CVE: CVE-2023-27783, CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789

Topics%20covered

Topics Covered

security advisory denial of service remote attack Mageia tcpreplay tcprewrite tcpedit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here