Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 836240 (CVE-2022-27939, CVE-2022-27940, CVE-2022-27941, CVE-2022-27942, CVE-2022-28487, CVE-2022-37047, CVE-2022-37048, CVE-2022-37049) - <net-analyzer/tcpreplay-4.4.2: multiple vulnerabilities
Summary: <net-analyzer/tcpreplay-4.4.2: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2022-27939, CVE-2022-27940, CVE-2022-27941, CVE-2022-27942, CVE-2022-28487, CVE-2022-37047, CVE-2022-37048, CVE-2022-37049
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/appneta/tcpreplay/...
Whiteboard: B4 [glsa+]
Keywords:
Depends on: 877033
Blocks:
  Show dependency tree
 
Reported: 2022-03-27 01:06 UTC by John Helmert III
Modified: 2022-10-16 15:04 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-27 01:06:37 UTC
CVE-2022-27942 (https://github.com/appneta/tcpreplay/issues/719):

tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c.

CVE-2022-27941 (https://github.com/appneta/tcpreplay/issues/716):

tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.

CVE-2022-27940 (https://github.com/appneta/tcpreplay/issues/718):

tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.

CVE-2022-27939 (https://github.com/appneta/tcpreplay/issues/717):

tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.

Unfixed upstream.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-05-07 15:05:19 UTC
CVE-2022-28487 (https://github.com/appneta/tcpreplay/pull/720):

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-17 19:38:55 UTC
All issues are patched in the 4.4.2 *branch*, doesn't seem Github has a release of 4.4.2 yet.
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-19 22:12:29 UTC
CVE-2022-37047 (https://github.com/appneta/tcpreplay/issues/734):

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.

Patched by https://github.com/appneta/tcpreplay/issues/718

CVE-2022-37048 (https://github.com/appneta/tcpreplay/issues/735):

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.

Patched by https://github.com/appneta/tcpreplay/pull/744

CVE-2022-37049 (https://github.com/appneta/tcpreplay/issues/736):

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942.

Patched by https://github.com/appneta/tcpreplay/issues/718
Comment 4 Larry the Git Cow gentoo-dev 2022-08-27 06:14:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f8a5c2cc9833bc9c4f85eb8be95bc5dcc83ea8e8

commit f8a5c2cc9833bc9c4f85eb8be95bc5dcc83ea8e8
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-08-27 05:57:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-27 06:05:56 +0000

    net-analyzer/tcpreplay: add 4.4.2
    
    Bug: https://bugs.gentoo.org/836240
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/tcpreplay/Manifest               |  1 +
 net-analyzer/tcpreplay/tcpreplay-4.4.2.ebuild | 86 +++++++++++++++++++++++++++
 net-analyzer/tcpreplay/tcpreplay-9999.ebuild  |  1 -
 3 files changed, 87 insertions(+), 1 deletion(-)
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-14 03:11:00 UTC
GLSA request filed
Comment 6 Larry the Git Cow gentoo-dev 2022-10-16 14:46:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=88ba016aa774dab2e07e26e0c461ed03c93e6462

commit 88ba016aa774dab2e07e26e0c461ed03c93e6462
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-16 14:42:49 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-16 14:45:24 +0000

    [ GLSA 202210-08 ] Tcpreplay: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/833139
    Bug: https://bugs.gentoo.org/836240
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202210-08.xml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
Comment 7 Larry the Git Cow gentoo-dev 2022-10-16 15:03:53 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5d5ed53a1fde4bc265745acf50499481a20054a1

commit 5d5ed53a1fde4bc265745acf50499481a20054a1
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-10-16 15:03:41 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-16 15:03:41 +0000

    net-analyzer/tcpreplay: drop 4.3.4, 4.4.1
    
    Bug: https://bugs.gentoo.org/836240
    Bug: https://bugs.gentoo.org/833139
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 net-analyzer/tcpreplay/Manifest               |  2 -
 net-analyzer/tcpreplay/tcpreplay-4.3.4.ebuild | 77 ------------------------
 net-analyzer/tcpreplay/tcpreplay-4.4.1.ebuild | 87 ---------------------------
 3 files changed, 166 deletions(-)
Comment 8 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-16 15:04:13 UTC
GLSA released, all done!