Fedora has issued an advisory today (May 15): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UE3J4LKYFNKPKNSLDQK4JG36THQMQH3V/ Mageia 8 is also affected.
Status comment: (none) => Patches available from FedoraWhiteboard: (none) => MGA8TOO
Alas, this is a patch rather than new version fix. No one packager in view for tcpreplay, so assigning this globally.
Assignee: bugsquad => pkg-bugs
Suggested advisory: ======================== The updated package fixes security vulnerabilities: An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. (CVE-2023-27783) An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. (CVE-2023-27784) An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. (CVE-2023-27785) An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. (CVE-2023-27786) An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. (CVE-2023-27787) An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. (CVE-2023-27788) An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. (CVE-2023-27789) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27785 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27786 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27788 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27789 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UE3J4LKYFNKPKNSLDQK4JG36THQMQH3V/ ======================== Updated package in core/updates_testing: ======================== tcpreplay-4.4.2-1.1.mga8 from SRPM: tcpreplay-4.4.2-1.1.mga8.src.rpm
Status: NEW => ASSIGNEDWhiteboard: MGA8TOO => (none)Source RPM: tcpreplay-4.4.3-1.mga9.src.rpm => tcpreplay-4.4.2-1.mga8.src.rpmVersion: Cauldron => 8Assignee: pkg-bugs => qa-bugsStatus comment: Patches available from Fedora => (none)CC: (none) => nicolas.salguero
MGA8-64 MATE on Acer Aspire 5253 No installation issues Ref bug 30822 for testing # tcprewrite --infile=wiresharktest50 --outfile=new.pcap --dstipmap=0.0.0.0/0:192.168.2.7 # tcpreplay --intf1=wlp7s0 new.pcap Actual: 50 packets (15637 bytes) sent in 20.30 seconds Rated: 769.9 Bps, 0.006 Mbps, 2.46 pps Flows: 9 flows, 0.44 fps, 28 flow packets, 22 non-flow Statistics for network device: wlp7s0 Successful packets: 50 Failed packets: 0 Truncated packets: 0 Retried packets (ENOBUFS): 0 Retried packets (EAGAIN): 0 To the contrary of bug 30822, the command stopped by itself. Looks OK, but my wifi was not working anymore, network center showed connected, but nothing comes thru. I had to disconnect and reconnect, and then all was normal. I'll OK the update, I've got the idea that the tcpreplay somehow interrupts the normal working of the network interface. If this behavior is not OK, the block the update.
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
I watched a few videos on using tcpreplay, and I saw nothing that mentioned restarting the interface, but none of them appeared to be using wifi for it. All used an "eth(N)" interface. So that was no help. I would validate, but the behavior with the wifi troubles me, as my knowledge of such things is limited. So I ask: Is it OK, or not?
CC: (none) => andrewsfarm
I checked previous updates and Brian and myself were the only ones to use the wifi in the command. But neither of us made any note on wifi begavior after the test. I cann't do the test again, since the laptop involved is now taken by an M9 upgrade exercise.
OK, sending it on. Validating. Advisory in comment 2.
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0188.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED