Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 830640 (CVE-2021-41043) - <net-analyzer/tcpslice-1.5: Use after free in tcpslice triggers AddressSanitizer (CVE-2021-41043)
Summary: <net-analyzer/tcpslice-1.5: Use after free in tcpslice triggers AddressSaniti...
Alias: CVE-2021-41043
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [glsa? cleanup]
Keywords: PullRequest
Depends on: 833732
  Show dependency tree
Reported: 2022-01-05 14:35 UTC by filip ambroz
Modified: 2022-02-19 15:08 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description filip ambroz 2022-01-05 14:35:40 UTC
Use after free in tcpslice triggers AddressSanitizer, NO OTHER CONFIRMED IMPACT.

[Tested on]
version 1.5-PRE-GIT
version 1.2a3

tcpslice -w a.txt heap.pcap

Segmentation fault

Fixed in version 1.5
Comment 1 John Helmert III gentoo-dev Security 2022-01-06 04:21:42 UTC
Thanks for reporting!
Comment 2 Larry the Git Cow gentoo-dev 2022-01-09 07:41:05 UTC
The bug has been referenced in the following commit(s):

commit fc753cec4a8697606ab5eeb9299097d1ffededd3
Author:     John Helmert III <>
AuthorDate: 2022-01-06 06:56:31 +0000
Commit:     John Helmert III <>
CommitDate: 2022-01-09 07:40:26 +0000

    net-analyzer/tcpslice: add 1.5
    Signed-off-by: John Helmert III <>

 net-analyzer/tcpslice/Manifest            |  2 ++
 net-analyzer/tcpslice/tcpslice-1.5.ebuild | 21 +++++++++++++++++++++
 2 files changed, 23 insertions(+)