Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-27939: [Bug] Reachable assertion in get_layer4_v6 · Issue #717 · appneta/tcpreplay

tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.

CVE
#git

You are opening a bug report against the Tcpreplay project: we use
GitHub Issues for tracking bug reports and feature requests.

Otherwise, to report a bug, please fill out the reproduction steps
(below) and delete these introductory paragraphs. Thanks!

Describe the bug
The assertion assert(ip6_hdr); in get_layer4_v6() at common/get.c is reachable when the user uses tcprewrite to open a crafted pcap file.

Warning: tcprewrite/crash.0 was captured using a snaplen of 96 bytes.  This may mean you have truncated packets.
tcprewrite: get.c:599: void *get_layer4_v6(const ipv6_hdr_t *, const int): Assertion `ip6_hdr' failed.
Aborted

Expected behavior
Program reports assertion failure and is terminated.

Related news

Gentoo Linux Security Advisory 202210-08

Gentoo Linux Security Advisory 202210-8 - Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which could result in denial of service. Versions less than 4.4.2 are affected.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907