905323 – (CVE-2023-27783, CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789) <net-analyzer/tcpreplay-4.4.4: multiple vulnerabilities

Bug 905323 (CVE-2023-27783, CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789) - <net-analyzer/tcpreplay-4.4.4: multiple vulnerabilities

Summary: <net-analyzer/tcpreplay-4.4.4: multiple vulnerabilities

Status:	CONFIRMED

Alias:	CVE-2023-27783, CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [glsa? cleanup]
Keywords:

Depends on:	910087
Blocks:
	Show dependency tree

Reported:	2023-04-29 19:37 UTC by John Helmert III
Modified:	2023-07-13 03:33 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2023-04-29 19:37:54 UTC

CVE-2023-27783 (https://github.com/appneta/tcpreplay/issues/780):

An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.

CVE-2023-27784 (https://github.com/appneta/tcpreplay/issues/787):

An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.

CVE-2023-27785 (https://github.com/appneta/tcpreplay/issues/785):

An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.

CVE-2023-27786 (https://github.com/appneta/tcpreplay/issues/782):

An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.

CVE-2023-27787 (https://github.com/appneta/tcpreplay/issues/788):

An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint.

CVE-2023-27788 (https://github.com/appneta/tcpreplay/issues/786):

An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.

CVE-2023-27789 (https://github.com/appneta/tcpreplay/issues/784):

An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint.

The reporter, to their credit, has also opened PRs to fix these
issues, but no action from upstream on the issues.

Comment 1 Larry the Git Cow gentoo-dev

2023-06-11 23:57:04 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=21d945f9f9212093cd97440282fb47ba9f625137

commit 21d945f9f9212093cd97440282fb47ba9f625137
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-06-11 23:56:45 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-06-11 23:56:45 +0000

    net-analyzer/tcpreplay: add 4.4.4
    
    Bug: https://bugs.gentoo.org/905323
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/tcpreplay/Manifest               |  1 +
 net-analyzer/tcpreplay/tcpreplay-4.4.4.ebuild | 86 +++++++++++++++++++++++++++
 2 files changed, 87 insertions(+)