An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
References
Link | Resource |
---|---|
https://github.com/appneta/tcpreplay/issues/617 | Exploit Issue Tracking Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EA7K7VKDK2K3SY2DHQQYSCBGZLKPWXJ4/ | Mailing List Release Notes Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M623ONZKOZL5Y7XQNHKXEPV76XYCPXQM/ | Mailing List Release Notes Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LC3UMBJFBK5HYUX7H2NGXVFI2I2EMAOF/ | Mailing List Release Notes Third Party Advisory |
https://security.gentoo.org/glsa/202105-21 | Third Party Advisory |
Information
Published : 2020-10-19 08:15
Updated : 2022-04-08 03:38
NVD link : CVE-2020-24266
Mitre link : CVE-2020-24266
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
fedoraproject
- fedora
broadcom
- tcpreplay