Candidate: CVE-2018-17582
PublicDate: 2018-09-28 09:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17582
 https://github.com/appneta/tcpreplay/issues/484
 https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay
Description:
 Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The
 get_next_packet() function in the send_packets.c file uses the memcpy()
 function unsafely to copy sequences from the source buffer pktdata to the
 destination (*prev_packet)->pktdata. This will result in a Denial of
 Service (DoS) and potentially Information Exposure when the application
 attempts to process a file.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H [7.1 HIGH]


Patches_tcpreplay:
 upstream: https://github.com/appneta/tcpreplay/commit/68f67b1a3a4d319543692afb5bd5b191ec984287
upstream_tcpreplay: released (4.3.0)
precise/esm_tcpreplay: DNE
trusty_tcpreplay: ignored (reached end-of-life)
trusty/esm_tcpreplay: DNE (trusty was needed)
xenial_tcpreplay: ignored (end of standard support, was needed)
bionic_tcpreplay: needed
cosmic_tcpreplay: ignored (reached end-of-life)
disco_tcpreplay: not-affected (4.3.1-2)
eoan_tcpreplay: ignored (reached end-of-life)
focal_tcpreplay: not-affected (4.3.2-1build1)
groovy_tcpreplay: ignored (reached end-of-life)
hirsute_tcpreplay: not-affected (4.3.3-2)
impish_tcpreplay: not-affected (4.3.3-2)
jammy_tcpreplay: not-affected
devel_tcpreplay: not-affected