Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tcpreplay | Broadcom | 4.4.4 (including) | 4.4.4 (including) |
| Tcpreplay | Ubuntu | esm-apps/bionic | * |
| Tcpreplay | Ubuntu | esm-apps/focal | * |
| Tcpreplay | Ubuntu | esm-apps/jammy | * |
| Tcpreplay | Ubuntu | esm-apps/noble | * |
| Tcpreplay | Ubuntu | esm-apps/xenial | * |
| Tcpreplay | Ubuntu | focal | * |
| Tcpreplay | Ubuntu | jammy | * |
| Tcpreplay | Ubuntu | mantic | * |
| Tcpreplay | Ubuntu | noble | * |
| Tcpreplay | Ubuntu | upstream | * |
Potential Mitigations
References
- https://github.com/appneta/tcpreplay/issues/824
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/
- https://github.com/appneta/tcpreplay/issues/824
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/