| Summary: | tcpreplay new security issues CVE-2022-27939 CVE-2022-2794[0-2] CVE-2022-28487 CVE-2022-3704[7-9] | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | andrewsfarm, brtians1, davidwhodgins, marja11, nicolas.salguero, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-Ok | ||
| Source RPM: | tcpreplay-4.3.3-22.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2022-09-06 21:34:55 CEST
David Walser
2022-09-06 21:35:09 CEST
Status comment:
(none) =>
Fixed upstream in 4.4.2 Also no registered maintainer and assigning to all packagers collectively CC:
(none) =>
marja11 Suggested advisory: ======================== The updated package fixes security vulnerabilities: tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. (CVE-2022-27939) tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. (CVE-2022-27940) tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. (CVE-2022-27941) tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. (CVE-2022-27942) Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. (CVE-2022-28487) The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. (CVE-2022-37047) The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. (CVE-2022-37048) The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. (CVE-2022-37049) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27939 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27940 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27941 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27942 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28487 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37047 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37048 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37049 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5/ ======================== Updated package in core/updates_testing: ======================== tcpreplay-4.4.2-1.mga8 from SRPM: tcpreplay-4.4.2-1.mga8.src.rpm Status:
NEW =>
ASSIGNED MGA8-64 The following 2 packages are going to be installed: - lib64dnet1-1.12-21.mga8.x86_64 - tcpreplay-4.4.2-1.mga8.x86_64 Also had to install tcpdump dumped a pcap file next # tcprewrite --infile=dump.pcap --outfile=new.pcap --dstipmap=0.0.0.0/0:192.168.10.111 # tcpreplay --intf1=wlp4s0 new.pcap I stopped it and reported ctual: 331 packets (123546 bytes) sent in 17.15 seconds Rated: 7203.6 Bps, 0.057 Mbps, 19.29 pps Flows: 67 flows, 3.90 fps, 327 flow packets, 4 non-flow Statistics for network device: wlp4s0 Successful packets: 330 Failed packets: 0 I'm not familiar with these tools, so it seems to work. I'm okaying it. Truncated packets: 0 Retried packets (ENOBUFS): 0 Retried packets (EAGAIN): 0 CC:
(none) =>
brtians1 Validating. Advisory in Comment 2. CC:
(none) =>
andrewsfarm, sysadmin-bugs
Dave Hodgins
2022-09-26 01:08:12 CEST
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0345.html Resolution:
(none) =>
FIXED |