Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 612224 (CVE-2017-6429) - <net-analyzer/tcpreplay-4.1.2-r1: Buffer overflow in tcpcapinfo utility (CVE-2017-6429)
Summary: <net-analyzer/tcpreplay-4.1.2-r1: Buffer overflow in tcpcapinfo utility (CVE-...
Status: RESOLVED FIXED
Alias: CVE-2017-6429
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa/cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-10 16:33 UTC by Agostino Sarubbo
Modified: 2017-03-24 06:04 UTC (History)
1 user (show)

See Also:
Package list:
=net-analyzer/tcpreplay-4.1.2-r1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-03-10 16:33:05 UTC
From ${URL} :

Tcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle.

References:

http://seclists.org/bugtraq/2017/Mar/22

Upstream bug:

https://github.com/appneta/tcpreplay/issues/278

Upstream patch:

https://github.com/appneta/tcpreplay/commit/d689d14dbcd768c028eab2fb378d849e543dcfe9


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Jeroen Roovers gentoo-dev 2017-03-18 11:31:45 UTC
Upstream appears to be working leisurely toward a 4.2.0 release and has not (yet) released a 4.1 branch version that fixes the issue.

Arch teams, please test and mark stable:
=net-analyzer/tcpreplay-4.1.2-r1
Targeted stable KEYWORDS : amd64 x86
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-03-19 14:24:18 UTC
CVE-2017-6429 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6429):
  Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1
  allows remote attackers to have unspecified impact via a pcap file with an
  over-size packet.
Comment 3 Agostino Sarubbo gentoo-dev 2017-03-20 12:28:48 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2017-03-21 14:34:33 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 5 Thomas Deutschmann gentoo-dev Security 2017-03-23 20:27:19 UTC
No ACE/RCE, downgraded to B3.

GLSA Vote: No

Repository is clean, all done.