rpm package

opensuse/tcpreplay&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/tcpreplay&distro=openSUSE%20Tumbleweed

Vulnerabilities (17)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-51006		—	< 4.5.2-1.1	4.5.2-1.1	Sep 22, 2025	Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the sam
CVE-2025-9157	Med	5.3	< 4.5.2-1.1	4.5.2-1.1	Aug 19, 2025	A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on
CVE-2025-8746	Low	3.3	< 4.5.1-2.1	4.5.1-2.1	Aug 9, 2025	A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may b
CVE-2023-27786		—	< 4.4.4-1.1	4.4.4-1.1	Mar 16, 2023	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
CVE-2023-27783		—	< 4.4.4-1.1	4.4.4-1.1	Mar 16, 2023	An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.
CVE-2020-24266		—	< 4.3.4-1.3	4.3.4-1.3	Oct 19, 2020	An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
CVE-2020-24265		—	< 4.3.4-1.3	4.3.4-1.3	Oct 19, 2020	An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
CVE-2019-8381		—	< 4.3.4-1.3	4.3.4-1.3	Feb 17, 2019	An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unsp
CVE-2019-8377		—	< 4.3.4-1.3	4.3.4-1.3	Feb 17, 2019	An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation
CVE-2019-8376		—	< 4.3.4-1.3	4.3.4-1.3	Feb 17, 2019	An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fa
CVE-2018-18408		—	< 4.3.4-1.3	4.3.4-1.3	Oct 17, 2018	A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
CVE-2018-18407		—	< 4.3.4-1.3	4.3.4-1.3	Oct 17, 2018	A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.
CVE-2018-17974		—	< 4.3.4-1.3	4.3.4-1.3	Oct 3, 2018	An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than
CVE-2018-17582		—	< 4.3.4-1.3	4.3.4-1.3	Sep 28, 2018	Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial o
CVE-2018-17580		—	< 4.3.4-1.3	4.3.4-1.3	Sep 28, 2018	A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.
CVE-2017-6429	Hig	7.8	< 4.3.4-1.3	4.3.4-1.3	Mar 15, 2017	Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
CVE-2016-6160	Hig	7.5	< 4.1.2-1.1	4.1.2-1.1	Jan 23, 2017	tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.

CVE-2025-51006Sep 22, 2025
affected < 4.5.2-1.1fixed 4.5.2-1.1
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the sam
CVE-2025-9157MedAug 19, 2025
affected < 4.5.2-1.1fixed 4.5.2-1.1
A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on
CVE-2025-8746LowAug 9, 2025
affected < 4.5.1-2.1fixed 4.5.1-2.1
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may b
CVE-2023-27786Mar 16, 2023
affected < 4.4.4-1.1fixed 4.4.4-1.1
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
CVE-2023-27783Mar 16, 2023
affected < 4.4.4-1.1fixed 4.4.4-1.1
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.
CVE-2020-24266Oct 19, 2020
affected < 4.3.4-1.3fixed 4.3.4-1.3
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
CVE-2020-24265Oct 19, 2020
affected < 4.3.4-1.3fixed 4.3.4-1.3
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
CVE-2019-8381Feb 17, 2019
affected < 4.3.4-1.3fixed 4.3.4-1.3
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unsp
CVE-2019-8377Feb 17, 2019
affected < 4.3.4-1.3fixed 4.3.4-1.3
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation
CVE-2019-8376Feb 17, 2019
affected < 4.3.4-1.3fixed 4.3.4-1.3
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fa
CVE-2018-18408Oct 17, 2018
affected < 4.3.4-1.3fixed 4.3.4-1.3
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
CVE-2018-18407Oct 17, 2018
affected < 4.3.4-1.3fixed 4.3.4-1.3
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.
CVE-2018-17974Oct 3, 2018
affected < 4.3.4-1.3fixed 4.3.4-1.3
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than
CVE-2018-17582Sep 28, 2018
affected < 4.3.4-1.3fixed 4.3.4-1.3
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial o
CVE-2018-17580Sep 28, 2018
affected < 4.3.4-1.3fixed 4.3.4-1.3
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.
CVE-2017-6429HigMar 15, 2017
affected < 4.3.4-1.3fixed 4.3.4-1.3
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.
CVE-2016-6160HigJan 23, 2017
affected < 4.1.2-1.1fixed 4.1.2-1.1
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.