Fedora has issued an advisory on July 21: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4BWGIIYEAY4GRICOGIWO26TNMKVEV62/
Source RPM: (none) => tcpreplay-4.4.3-2.1.mga9.src.rpmCVE: (none) => CVE-2024-3024
The given URL announces a new version of tcpreplay: Announcing v4.5.1 This release contains contributions from a record number of new contributors. This is greatly appreciated since I am a team of one, and do Tcpreplay maintenance in my spare time. There are many bug fixes and new features. The project site download page: http://tcpreplay.appneta.com/wiki/installation.html#download-releases Download Releases for Users Latest release: tcpreplay-4.5.1.tar.xz https://github.com/appneta/tcpreplay/releases/download/v4.4.2/tcpreplay-4.5.1.tar.xz * Sat Jul 13 2024 Bojan Smojver <bojan@rexursive com> - 4.5.1-1 - Update to 4.5.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2271992 - CVE-2024-3024 tcpreplay: heap-based buffer overflow This is already in Cauldron (DavidG); it looks OK to update M9.
Assignee: bugsquad => geiger.david68210Status comment: (none) => Fixed in v4.5.1
Assigning to QA, Packages in 9/Core/Updates_testing: ====================== tcpreplay-4.5.1-1.mga9 From SRPMS: tcpreplay-4.5.1-1.mga9.src.rpm
Assignee: geiger.david68210 => qa-bugs
Keywords: (none) => advisory
# tcpreplay -i wlp4s0 t tmp/ tpcap.pcap [root@localhost brian]# tcpreplay -i wlp4s0 tpcap.pcap Warning: flow_decode failed to determine Ethernet header length for packet 1 Warning: flow_decode failed to determine Ethernet header length for packet 3 Warning: flow_decode failed to determine Ethernet header length for packet 51 Warning: flow_decode failed to determine Ethernet header length for packet 95 Warning: flow_decode failed to determine Ethernet header length for packet 97 Warning: flow_decode failed to determine Ethernet header length for packet 99 Warning: flow_decode failed to determine Ethernet header length for packet 100 Warning: flow_decode failed to determine Ethernet header length for packet 102 Warning: flow_decode failed to determine Ethernet header length for packet 103 Actual: 103 packets (9750 bytes) sent in 44.04 seconds Rated: 221.3 Bps, 0.001 Mbps, 2.33 pps Flows: 13 flows, 0.29 fps, 89 unique flow packets, 5 unique non-flow packets Statistics for network device: wlp4s0 Successful packets: 103 Failed packets: 0 Truncated packets: 0 Retried packets (ENOBUFS): 0 Retried packets (EAGAIN): 0
Whiteboard: (none) => MGA9-32-OKCC: (none) => brtians1
mga9, x64 CVE-2024-3024 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3024 PoC data at https://vuldb.com/?id.258333 No indication about how to test this so the best we can do is treat it as a pcap file and hope for the best. There is supposed to be more information at Google Drive but I don't have access. Before update: # tcpreplay -i enp0s13f0u1u4 poc.pcap Failed: Error opening pcap file: unknown file format Cannot draw any conclusions from this. # file poc.pcap poc.pcap: ASCII text The first 8 bytes are c3d4 a1b2 0002 0004 which match those of a valid .pcap file - they differ beyond that. # file test2.pcap test2.pcap: pcap capture file, microsecond ts (little-endian) - version 2.4 (Linux cooked v1, capture length 262144) Giving up on that. Updated the package and ran Brian's command again: # tcpreplay -i enp0s13f0u1u4 test2.pcap ^C User interrupt... sendpacket_abort Actual: 14 packets (1456 bytes) sent in 9.52 seconds Rated: 152.8 Bps, 0.001 Mbps, 1.46 pps Flows: 8 flows, 0.83 fps, 13 unique flow packets, 1 unique non-flow packets Statistics for network device: enp0s13f0u1u4 Successful packets: 13 Failed packets: 0 Truncated packets: 0 Retried packets (ENOBUFS): 0 Retried packets (EAGAIN): 0 No regression there.
CC: (none) => tarazed25
Whiteboard: MGA9-32-OK => MGA9-32-OK, MGA9-64-OK
CC: (none) => andrewsfarm
Validating.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0305.html
Status: NEW => RESOLVEDResolution: (none) => FIXED