833139 – (CVE-2021-45386, CVE-2021-45387, CVE-2022-27416, CVE-2022-27418) <net-analyzer/tcpreplay-4.4.1: multiple vulnerabilities (CVE-2021-{45386,45387})

Bug 833139 (CVE-2021-45386, CVE-2021-45387, CVE-2022-27416, CVE-2022-27418) - <net-analyzer/tcpreplay-4.4.1: multiple vulnerabilities (CVE-2021-{45386,45387})

Summary: <net-analyzer/tcpreplay-4.4.1: multiple vulnerabilities (CVE-2021-{45386,45387})

Status:	RESOLVED FIXED

Alias:	CVE-2021-45386, CVE-2021-45387, CVE-2022-27416, CVE-2022-27418

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [glsa+]
Keywords:

Depends on:	834459
Blocks:
	Show dependency tree

Reported:	2022-02-11 20:40 UTC by filip ambroz
Modified:	2022-10-16 15:04 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description filip ambroz 2022-02-11 20:40:44 UTC

[CVE-2021-45386]
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
URL: https://github.com/appneta/tcpreplay/issues/687
Fixed in: 4.4.0

[CVE-2021-45387]
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
URL: https://github.com/appneta/tcpreplay/issues/687
Fixed in: 4.4.0

Comment 1 Larry the Git Cow gentoo-dev

2022-02-13 16:21:55 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f59a2f395f9edd7db3c03ac4628300e417f827b3

commit f59a2f395f9edd7db3c03ac4628300e417f827b3
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-02-13 16:18:46 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-02-13 16:19:25 +0000

    net-analyzer/tcpreplay: add 4.4.1
    
    Bug: https://bugs.gentoo.org/833139
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/tcpreplay/Manifest                    |  1 +
 .../tcpreplay-4.4.1-fix-bashism-configure.patch    | 34 +++++++++
 net-analyzer/tcpreplay/tcpreplay-4.4.1.ebuild      | 85 ++++++++++++++++++++++
 ...preplay-999999.ebuild => tcpreplay-9999.ebuild} |  2 +-
 4 files changed, 121 insertions(+), 1 deletion(-)

Comment 2 John Helmert III archtester

2022-04-13 15:09:45 UTC

CVE-2022-27418 (https://github.com/appneta/tcpreplay/issues/703):

Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c.

CVE-2022-27416 (https://github.com/appneta/tcpreplay/issues/702):

Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.

Comment 3 John Helmert III archtester

2022-10-14 03:10:56 UTC

GLSA request filed

Comment 4 Larry the Git Cow gentoo-dev

2022-10-16 14:46:25 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=88ba016aa774dab2e07e26e0c461ed03c93e6462

commit 88ba016aa774dab2e07e26e0c461ed03c93e6462
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-16 14:42:49 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-16 14:45:24 +0000

    [ GLSA 202210-08 ] Tcpreplay: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/833139
    Bug: https://bugs.gentoo.org/836240
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202210-08.xml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

Comment 5 Larry the Git Cow gentoo-dev

2022-10-16 15:03:55 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5d5ed53a1fde4bc265745acf50499481a20054a1

commit 5d5ed53a1fde4bc265745acf50499481a20054a1
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-10-16 15:03:41 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-16 15:03:41 +0000

    net-analyzer/tcpreplay: drop 4.3.4, 4.4.1
    
    Bug: https://bugs.gentoo.org/836240
    Bug: https://bugs.gentoo.org/833139
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 net-analyzer/tcpreplay/Manifest               |  2 -
 net-analyzer/tcpreplay/tcpreplay-4.3.4.ebuild | 77 ------------------------
 net-analyzer/tcpreplay/tcpreplay-4.4.1.ebuild | 87 ---------------------------
 3 files changed, 166 deletions(-)

Comment 6 John Helmert III archtester

2022-10-16 15:04:19 UTC

GLSA released, all done!