Packages
- tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds
Details
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input when processed by tcpprep. An attacker could possibly use
this issue to cause a denial of service. This issue only affected
Ubuntu 18.04 ESM. (CVE-2018-13112)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input. An attacker could possibly use this issue to cause a denial
of service or expose sensitive information. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-17580, CVE-2018-17582)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM.
(
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input when processed by tcpprep. An attacker could possibly use
this issue to cause a denial of service. This issue only affected
Ubuntu 18.04 ESM. (CVE-2018-13112)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input. An attacker could possibly use this issue to cause a denial
of service or expose sensitive information. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-17580, CVE-2018-17582)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM.
(CVE-2018-17974, CVE-2018-18407)
It was discovered that a use-after-free existed in Tcpreplay in the tcpbridge
binary. An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-18408)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input. An attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 ESM
and Ubuntu 20.04 ESM. (CVE-2018-20552, CVE-2018-20553)
It was discovered that a heap-based buffer over-read that existed in Tcpreplay
caused an application crash when tcprewrite or tcpreplay-edit received specially
crafted packet capture input. An attacker could possibly use this to cause a
denial of service or to expose sensitive information. This issue only affected
Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-12740)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input when processed by tcpprep. An attacker could possibly use
this issue to cause a denial of service. This issue only affected
Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-24265, CVE-2020-24266)
It was discovered that Tcpreplay incorrectly handled certain specially crafted
packet capture input when processed by tcprewrite. An attacker could possibly
use this issue to cause a denial of service. This issue only affected Ubuntu
22.04 ESM. (CVE-2022-27416)
It was discovered that Tcpreplay did not properly manage memory under certain
circumstances. If a user were tricked into opening a specially crafted packet
capture file, a remote attacker could possibly use this issue to cause
Tcpreplay crash, resulting in a denial of service, or possibly read sensitive
data. This issue only affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM and Ubuntu
22.04 ESM. (CVE-2022-28487)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 22.04 jammy | tcpreplay – 4.3.4-1ubuntu0.1~esm1 | ||
| 20.04 focal | tcpreplay – 4.3.2-1ubuntu0.1~esm2 | ||
| 18.04 bionic | tcpreplay – 4.2.6-1ubuntu0.1~esm4 | ||
| 16.04 xenial | tcpreplay – 3.4.4-2+deb8u1ubuntu0.1~esm2 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
References
- CVE-2022-28487
- CVE-2022-27416
- CVE-2020-24266
- CVE-2020-24265
- CVE-2020-12740
- CVE-2018-20553
- CVE-2018-20552
- CVE-2018-18408
- CVE-2018-18407
- CVE-2018-17974
- CVE-2022-28487
- CVE-2022-27416
- CVE-2020-24266
- CVE-2020-24265
- CVE-2020-12740
- CVE-2018-20553
- CVE-2018-20552
- CVE-2018-18408
- CVE-2018-18407
- CVE-2018-17974
- CVE-2018-17582
- CVE-2018-17580
- CVE-2018-13112