Fedora has issue an advisory on March 24: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/ Mageia 9 is also affected.
CVE: (none) => CVE-2023-4256, CVE-2023-43279Whiteboard: (none) => MGA9TOOSource RPM: (none) => tcpreplay-4.4.4-1.mga10.src.rpm
Status comment: (none) => Patches available from Fedora
I can never find Fedora patches, but they must exist. Assigning globally in the absence of an obvious ackagerp.
Assignee: bugsquad => pkg-bugs
Suggested advisory: ======================== The updated package fixes security vulnerabilities: Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. (CVE-2023-4256) Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. (CVE-2023-43279) References: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/ ======================== Updated package in core/updates_testing: ======================== tcpreplay-4.4.3-2.1.mga9 from SRPM: tcpreplay-4.4.3-2.1.mga9.src.rpm
Status: NEW => ASSIGNEDWhiteboard: MGA9TOO => (none)Version: Cauldron => 9Assignee: pkg-bugs => qa-bugsSource RPM: tcpreplay-4.4.4-1.mga10.src.rpm => tcpreplay-4.4.3-2.mga9.src.rpmStatus comment: Patches available from Fedora => (none)
CC: (none) => mageia
Keywords: (none) => advisory
MGA9-64 Plasma Wayland on HP-Pavillion No installation issues. Ref bug 27489 Comment 3 for testing after installing tcpdump: # tcpdump -w netdump1.pcap tcpdump: listening on wlp0s20u2, link-type EN10MB (Ethernet), snapshot length 262144 bytes ^C8709 packets captured 8711 packets received by filter 0 packets dropped by kernel $ tcprewrite --infile=netdump1.pcap --outfile=new.pcap $ ls -als *.pcap 6460 -rw-r--r-- 1 root root 6611782 Mar 27 15:27 netdump1.pcap 6460 -rw-r--r-- 1 tester9 tester9 6611782 Mar 27 15:28 new.pcap $ tcpreplay --listnics Warning: May need to run as root to get access to all network interfaces. Warning: May need to run as root to get access to all network interfaces. Available network interfaces: wlp0s20u2 any wlo1 bluetooth0 bluetooth-monitor nflog nfqueue # tcpreplay -v -i wlp0s20u2 new.pcap reading from file -, link-type EN10MB (Ethernet), snapshot length 65535 15:26:08.1711549568 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x88e1), length 60: 0x0000: 0000 a000 b052 1c32 5477 0000 0000 0000 .....R.2Tw...... 0x0010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0000 0000 0000 0000 0000 0000 0000 .............. 15:26:08.1711549568 34:31:c4:80:a9:b4 > ff:ff:ff:ff:ff:ff, ethertype Unknown (0x8912), length 60: 0x0000: 0170 a000 0000 1f84 32a3 97a2 5553 bef1 .p......2...US.. 0x0010: fcf9 796b 5214 13e9 e200 0000 0000 0000 ..ykR........... 0x0020: 0000 0000 0000 0000 0000 0000 0000 .............. and a load more and at the end Actual: 11 packets (660 bytes) sent in 9.70 seconds Rated: 67.9 Bps, 0.000 Mbps, 1.13 pps Statistics for network device: wlp0s20u2 Successful packets: 10 Failed packets: 0 Truncated packets: 0 Retried packets (ENOBUFS): 0 Retried packets (EAGAIN): 0 OK to go.
Whiteboard: (none) => MGA9-64-OKCC: (none) => herman.viaene
Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0098.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED