rpm package
opensuse/tcpreplay&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/tcpreplay&distro=openSUSE%20Leap%2016.0
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-51006 | — | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Sep 22, 2025 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the sam | ||
| CVE-2025-9649 | Low | 3.3 | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Aug 29, 2025 | A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. | |
| CVE-2025-9386 | Med | 5.3 | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Aug 24, 2025 | A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclose | |
| CVE-2025-9385 | Med | 5.3 | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Aug 24, 2025 | A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been publis | |
| CVE-2025-9384 | Low | 3.3 | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Aug 24, 2025 | A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may | |
| CVE-2025-9157 | Med | 5.3 | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Aug 19, 2025 | A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on | |
| CVE-2025-8746 | Low | 3.3 | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Aug 9, 2025 | A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may b | |
| CVE-2024-22654 | — | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | May 29, 2025 | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. | ||
| CVE-2024-3024 | — | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Mar 28, 2024 | A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploi | ||
| CVE-2023-43279 | — | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Mar 12, 2024 | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command. | ||
| CVE-2023-4256 | — | < 4.5.2-bp160.1.1 | 4.5.2-bp160.1.1 | Dec 21, 2023 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local atta |
- CVE-2025-51006Sep 22, 2025affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the sam
- affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used.
- affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclose
- affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been publis
- affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may
- affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on
- affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may b
- CVE-2024-22654May 29, 2025affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.
- CVE-2024-3024Mar 28, 2024affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploi
- CVE-2023-43279Mar 12, 2024affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
- CVE-2023-4256Dec 21, 2023affected < 4.5.2-bp160.1.1fixed 4.5.2-bp160.1.1
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local atta