| Summary: | tcpreplay new security issues CVE-2023-4256 and CVE-2023-43279 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, herman.viaene, mageia, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA9-64-OK | ||
| Source RPM: | tcpreplay-4.4.3-2.mga9.src.rpm | CVE: | CVE-2023-4256, CVE-2023-43279 |
| Status comment: | |||
|
Description
Nicolas Salguero
2024-03-25 16:44:26 CET
Nicolas Salguero
2024-03-25 16:45:01 CET
CVE:
(none) =>
CVE-2023-4256, CVE-2023-43279
Nicolas Salguero
2024-03-25 16:45:18 CET
Status comment:
(none) =>
Patches available from Fedora I can never find Fedora patches, but they must exist. Assigning globally in the absence of an obvious ackagerp. Assignee:
bugsquad =>
pkg-bugs Suggested advisory: ======================== The updated package fixes security vulnerabilities: Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. (CVE-2023-4256) Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. (CVE-2023-43279) References: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/ ======================== Updated package in core/updates_testing: ======================== tcpreplay-4.4.3-2.1.mga9 from SRPM: tcpreplay-4.4.3-2.1.mga9.src.rpm Status:
NEW =>
ASSIGNED
PC LX
2024-03-26 16:29:28 CET
CC:
(none) =>
mageia
katnatek
2024-03-26 18:06:14 CET
Keywords:
(none) =>
advisory MGA9-64 Plasma Wayland on HP-Pavillion No installation issues. Ref bug 27489 Comment 3 for testing after installing tcpdump: # tcpdump -w netdump1.pcap tcpdump: listening on wlp0s20u2, link-type EN10MB (Ethernet), snapshot length 262144 bytes ^C8709 packets captured 8711 packets received by filter 0 packets dropped by kernel $ tcprewrite --infile=netdump1.pcap --outfile=new.pcap $ ls -als *.pcap 6460 -rw-r--r-- 1 root root 6611782 Mar 27 15:27 netdump1.pcap 6460 -rw-r--r-- 1 tester9 tester9 6611782 Mar 27 15:28 new.pcap $ tcpreplay --listnics Warning: May need to run as root to get access to all network interfaces. Warning: May need to run as root to get access to all network interfaces. Available network interfaces: wlp0s20u2 any wlo1 bluetooth0 bluetooth-monitor nflog nfqueue # tcpreplay -v -i wlp0s20u2 new.pcap reading from file -, link-type EN10MB (Ethernet), snapshot length 65535 15:26:08.1711549568 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 0x0000: 0000 a000 b052 1c32 5477 0000 0000 0000 .....R.2Tw...... 0x0010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0000 0000 0000 0000 0000 0000 0000 .............. 15:26:08.1711549568 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 0x0000: 0170 a000 0000 1f84 32a3 97a2 5553 bef1 .p......2...US.. 0x0010: fcf9 796b 5214 13e9 e200 0000 0000 0000 ..ykR........... 0x0020: 0000 0000 0000 0000 0000 0000 0000 .............. and a load more and at the end Actual: 11 packets (660 bytes) sent in 9.70 seconds Rated: 67.9 Bps, 0.000 Mbps, 1.13 pps Statistics for network device: wlp0s20u2 Successful packets: 10 Failed packets: 0 Truncated packets: 0 Retried packets (ENOBUFS): 0 Retried packets (EAGAIN): 0 OK to go. Whiteboard:
(none) =>
MGA9-64-OK Validating. CC:
(none) =>
andrewsfarm, sysadmin-bugs An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0098.html Resolution:
(none) =>
FIXED |