Description
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component.
CVSS breakdown
CVSS 4.0
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
Low
User Interaction
None
Confidentiality (Vulnerable System)
Low
Integrity (Vulnerable System)
Low
Availability (Vulnerable System)
Low
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
E
Physical
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
E
Physical
RL
O
RC
Changed
Affected products
- appneta / tcpreplay4.5.0 – 4.5.0
- appneta / tcpreplay4.5.1 – 4.5.1
- appneta / tcpreplay4.5.2-beta3 – 4.5.2-beta3
References
- MISChttps://vuldb.com/?id.321218
- MISChttps://vuldb.com/?ctiid.321218
- MISChttps://vuldb.com/?submit.630497
- MISChttps://github.com/appneta/tcpreplay/issues/972
- MISChttps://github.com/appneta/tcpreplay/issues/972#issuecomment-3199019278
- MISChttps://drive.google.com/file/d/1BQZF558bRHv07wtlCoZgtqTlEpHgfytp/view?usp=sharing