csaf_opensuse - opensuse-su-2025-20119-1

OPENSUSE-SU-2025-20119-1

Vulnerability from csaf_opensuse - Published: 2025-11-27 12:29 - Updated: 2025-11-27 12:29

Summary

Security update for tcpreplay

Notes

Title of the patch

Security update for tcpreplay

Description of the patch

This update for tcpreplay fixes the following issues: - update to 4.5.2: * features added since 4.4.4 - fix/recalculate header checksum for ipv6-frag - IPv6 frag checksum support - AF_XDP socket support - tcpreplay -w (write into a pcap file) - tcpreplay --fixhdrlen - --include and --exclude options - SLL2 support - Haiku support * security fixes reported for 4.4.4 fixed in 4.5.2 - CVE-2023-4256 / bsc#1218249 - CVE-2023-43279 / bsc#1221324 - CVE-2024-3024 / bsc#1222131 (likely) - CVE-2024-22654 / bsc#1243845 - CVE-2025-9157 / bsc#1248322 - CVE-2025-9384 / bsc#1248595 - CVE-2025-9385 / bsc#1248596 - CVE-2025-9386 / bsc#1248597 - CVE-2025-9649 / bsc#1248964 - CVE-2025-51006 / bsc#1250356

Patchnames

openSUSE-Leap-16.0-packagehub-35

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tcpreplay",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tcpreplay fixes the following issues:\n\n- update to 4.5.2:\n  * features added since 4.4.4\n    - fix/recalculate header checksum for ipv6-frag\n    - IPv6 frag checksum support\n    - AF_XDP socket support\n    - tcpreplay -w (write into a pcap file)\n    - tcpreplay --fixhdrlen\n    - --include and --exclude options\n    - SLL2 support\n    - Haiku support\n  * security fixes reported for 4.4.4 fixed in 4.5.2\n    - CVE-2023-4256  / bsc#1218249\n    - CVE-2023-43279 / bsc#1221324\n    - CVE-2024-3024  / bsc#1222131 (likely)\n    - CVE-2024-22654 / bsc#1243845\n    - CVE-2025-9157  / bsc#1248322\n    - CVE-2025-9384  / bsc#1248595\n    - CVE-2025-9385  / bsc#1248596\n    - CVE-2025-9386  / bsc#1248597\n    - CVE-2025-9649  / bsc#1248964\n    - CVE-2025-51006 / bsc#1250356\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Leap-16.0-packagehub-35",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025-20119-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1218249",
        "url": "https://bugzilla.suse.com/1218249"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221324",
        "url": "https://bugzilla.suse.com/1221324"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1222131",
        "url": "https://bugzilla.suse.com/1222131"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1243845",
        "url": "https://bugzilla.suse.com/1243845"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1247919",
        "url": "https://bugzilla.suse.com/1247919"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1248322",
        "url": "https://bugzilla.suse.com/1248322"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1248595",
        "url": "https://bugzilla.suse.com/1248595"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1248596",
        "url": "https://bugzilla.suse.com/1248596"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1248597",
        "url": "https://bugzilla.suse.com/1248597"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1248964",
        "url": "https://bugzilla.suse.com/1248964"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1250356",
        "url": "https://bugzilla.suse.com/1250356"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4256 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4256/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-43279 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-43279/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-22654 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-22654/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3024 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3024/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-51006 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-51006/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-8746 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-8746/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-9157 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-9157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-9384 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-9384/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-9385 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-9385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-9386 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-9386/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-9649 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-9649/"
      }
    ],
    "title": "Security update for tcpreplay",
    "tracking": {
      "current_release_date": "2025-11-27T12:29:40Z",
      "generator": {
        "date": "2025-11-27T12:29:40Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025-20119-1",
      "initial_release_date": "2025-11-27T12:29:40Z",
      "revision_history": [
        {
          "date": "2025-11-27T12:29:40Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tcpreplay-4.5.2-bp160.1.1.aarch64",
                "product": {
                  "name": "tcpreplay-4.5.2-bp160.1.1.aarch64",
                  "product_id": "tcpreplay-4.5.2-bp160.1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tcpreplay-4.5.2-bp160.1.1.ppc64le",
                "product": {
                  "name": "tcpreplay-4.5.2-bp160.1.1.ppc64le",
                  "product_id": "tcpreplay-4.5.2-bp160.1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tcpreplay-4.5.2-bp160.1.1.s390x",
                "product": {
                  "name": "tcpreplay-4.5.2-bp160.1.1.s390x",
                  "product_id": "tcpreplay-4.5.2-bp160.1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tcpreplay-4.5.2-bp160.1.1.x86_64",
                "product": {
                  "name": "tcpreplay-4.5.2-bp160.1.1.x86_64",
                  "product_id": "tcpreplay-4.5.2-bp160.1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 16.0",
                "product": {
                  "name": "openSUSE Leap 16.0",
                  "product_id": "openSUSE Leap 16.0"
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tcpreplay-4.5.2-bp160.1.1.aarch64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64"
        },
        "product_reference": "tcpreplay-4.5.2-bp160.1.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tcpreplay-4.5.2-bp160.1.1.ppc64le as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le"
        },
        "product_reference": "tcpreplay-4.5.2-bp160.1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tcpreplay-4.5.2-bp160.1.1.s390x as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x"
        },
        "product_reference": "tcpreplay-4.5.2-bp160.1.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tcpreplay-4.5.2-bp160.1.1.x86_64 as component of openSUSE Leap 16.0",
          "product_id": "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        },
        "product_reference": "tcpreplay-4.5.2-bp160.1.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 16.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4256",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4256"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Within tcpreplay\u0027s tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4256",
          "url": "https://www.suse.com/security/cve/CVE-2023-4256"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218249 for CVE-2023-4256",
          "url": "https://bugzilla.suse.com/1218249"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-4256"
    },
    {
      "cve": "CVE-2023-43279",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-43279"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-43279",
          "url": "https://www.suse.com/security/cve/CVE-2023-43279"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221324 for CVE-2023-43279",
          "url": "https://bugzilla.suse.com/1221324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-43279"
    },
    {
      "cve": "CVE-2024-22654",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-22654"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-22654",
          "url": "https://www.suse.com/security/cve/CVE-2024-22654"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1243845 for CVE-2024-22654",
          "url": "https://bugzilla.suse.com/1243845"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-22654"
    },
    {
      "cve": "CVE-2024-3024",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3024"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3024",
          "url": "https://www.suse.com/security/cve/CVE-2024-3024"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222131 for CVE-2024-3024",
          "url": "https://bugzilla.suse.com/1222131"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3024"
    },
    {
      "cve": "CVE-2025-51006",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-51006"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Within tcpreplay\u0027s tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-51006",
          "url": "https://www.suse.com/security/cve/CVE-2025-51006"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1250356 for CVE-2025-51006",
          "url": "https://bugzilla.suse.com/1250356"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-51006"
    },
    {
      "cve": "CVE-2025-8746",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-8746"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this \"bug appears to be in libopts which is an external library.\" This vulnerability only affects products that are no longer supported by the maintainer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-8746",
          "url": "https://www.suse.com/security/cve/CVE-2025-8746"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1247917 for CVE-2025-8746",
          "url": "https://bugzilla.suse.com/1247917"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "low"
        }
      ],
      "title": "CVE-2025-8746"
    },
    {
      "cve": "CVE-2025-9157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-9157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-9157",
          "url": "https://www.suse.com/security/cve/CVE-2025-9157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248322 for CVE-2025-9157",
          "url": "https://bugzilla.suse.com/1248322"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-9157"
    },
    {
      "cve": "CVE-2025-9384",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-9384"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was \"[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2\".",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-9384",
          "url": "https://www.suse.com/security/cve/CVE-2025-9384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248595 for CVE-2025-9384",
          "url": "https://bugzilla.suse.com/1248595"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-9384"
    },
    {
      "cve": "CVE-2025-9385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-9385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-9385",
          "url": "https://www.suse.com/security/cve/CVE-2025-9385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248596 for CVE-2025-9385",
          "url": "https://bugzilla.suse.com/1248596"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-9385"
    },
    {
      "cve": "CVE-2025-9386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-9386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-9386",
          "url": "https://www.suse.com/security/cve/CVE-2025-9386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248597 for CVE-2025-9386",
          "url": "https://bugzilla.suse.com/1248597"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-9386"
    },
    {
      "cve": "CVE-2025-9649",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-9649"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 4.5.3-beta3 is recommended to address this issue. It is advisable to upgrade the affected component. The vendor confirms in a GitHub issue reply: \"Was able to reproduce in 6fcbf03 but NOT 4.5.3-beta3.\"",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
          "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-9649",
          "url": "https://www.suse.com/security/cve/CVE-2025-9649"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1248964 for CVE-2025-9649",
          "url": "https://bugzilla.suse.com/1248964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.aarch64",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.ppc64le",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.s390x",
            "openSUSE Leap 16.0:tcpreplay-4.5.2-bp160.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-27T12:29:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-9649"
    }
  ]
}

CVE-2025-9386 (GCVE-0-2025-9386)

Vulnerability from cvelistv5 – Published: 2025-08-24 11:02 – Updated: 2025-08-25 20:26

Summary

A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component.

Severity ?

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CWE

CWE-416 - Use After Free
CWE-119 - Memory Corruption

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.321219	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.321219	signaturepermissions-required
	https://vuldb.com/?submit.630498	third-party-advisory
	https://github.com/appneta/tcpreplay/issues/973	issue-tracking
	https://drive.google.com/file/d/1DcQWaTmj1HSbRidO…	exploit

Impacted products

	Vendor	Product	Version
	appneta	tcpreplay	Affected: 4.5.0 Affected: 4.5.1 Unaffected: 4.5.2-beta3

Credits

HeureuxBuilding (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9386",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-25T20:26:18.668059Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-25T20:26:30.907Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "tcprewrite"
          ],
          "product": "tcpreplay",
          "vendor": "appneta",
          "versions": [
            {
              "status": "affected",
              "version": "4.5.0"
            },
            {
              "status": "affected",
              "version": "4.5.1"
            },
            {
              "status": "unaffected",
              "version": "4.5.2-beta3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "HeureuxBuilding (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component."
        },
        {
          "lang": "de",
          "value": "In appneta tcpreplay bis 4.5.1 ist eine Schwachstelle entdeckt worden. Betroffen hiervon ist die Funktion get_l2len_protocol der Datei get.c der Komponente tcprewrite. Durch die Manipulation mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Durch ein Upgrade auf Version 4.5.2-beta3 kann dieses Problem behoben werden. Die Aktualisierung der betroffenen Komponente wird empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-24T11:02:07.459Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-321219 | appneta tcpreplay tcprewrite get.c get_l2len_protocol use after free",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.321219"
        },
        {
          "name": "VDB-321219 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.321219"
        },
        {
          "name": "Submit #630498 | tcpreplay tcprewrite  tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) Use-After-Free",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.630498"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/973"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1DcQWaTmj1HSbRidOCWwe9vtgHsBnFuX7/view?usp=sharing"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-23T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-23T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-23T17:14:46.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "appneta tcpreplay tcprewrite get.c get_l2len_protocol use after free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9386",
    "datePublished": "2025-08-24T11:02:07.459Z",
    "dateReserved": "2025-08-23T15:09:37.515Z",
    "dateUpdated": "2025-08-25T20:26:30.907Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-43279 (GCVE-0-2023-43279)

Vulnerability from cvelistv5 – Published: 2024-03-12 00:00 – Updated: 2025-11-04 18:17

Summary

Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/appneta/tcpreplay/issues/824
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:17:21.302Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/appneta/tcpreplay/issues/824"
          },
          {
            "name": "FEDORA-2024-96903c39cb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
          },
          {
            "name": "FEDORA-2024-ec1fba69c2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
          },
          {
            "name": "FEDORA-2024-b3b2a95168",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-43279",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-22T18:51:45.001627Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T20:50:39.495Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-24T02:06:15.522Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/appneta/tcpreplay/issues/824"
        },
        {
          "name": "FEDORA-2024-96903c39cb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
        },
        {
          "name": "FEDORA-2024-ec1fba69c2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
        },
        {
          "name": "FEDORA-2024-b3b2a95168",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-43279",
    "datePublished": "2024-03-12T00:00:00.000Z",
    "dateReserved": "2023-09-18T00:00:00.000Z",
    "dateUpdated": "2025-11-04T18:17:21.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-9649 (GCVE-0-2025-9649)

Vulnerability from cvelistv5 – Published: 2025-08-29 13:32 – Updated: 2025-08-29 13:48

Summary

A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 4.5.3-beta3 is recommended to address this issue. It is advisable to upgrade the affected component. The vendor confirms in a GitHub issue reply: "Was able to reproduce in 6fcbf03 but NOT 4.5.3-beta3."

Severity ?

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

CWE

CWE-369 - Divide By Zero
CWE-404 - Denial of Service

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.321855	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.321855	signaturepermissions-required
	https://vuldb.com/?submit.630493	third-party-advisory
	https://vuldb.com/?submit.630494	third-party-advisory
	https://github.com/appneta/tcpreplay/issues/968	issue-tracking
	https://github.com/appneta/tcpreplay/issues/968#i…	issue-tracking
	https://drive.google.com/file/d/16QQtZvUrMbF-i_1c…	exploit

Impacted products

	Vendor	Product	Version
	appneta	tcpreplay	Affected: 4.5.1 Unaffected: 4.5.3-beta3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9649",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-29T13:47:43.943895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-29T13:48:02.248Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tcpreplay",
          "vendor": "appneta",
          "versions": [
            {
              "status": "affected",
              "version": "4.5.1"
            },
            {
              "status": "unaffected",
              "version": "4.5.3-beta3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been detected in appneta tcpreplay 4.5.1. Impacted is the function calc_sleep_time of the file send_packets.c. Such manipulation leads to divide by zero. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. Upgrading to version 4.5.3-beta3 is recommended to address this issue. It is advisable to upgrade the affected component. The vendor confirms in a GitHub issue reply: \"Was able to reproduce in 6fcbf03 but NOT 4.5.3-beta3.\""
        },
        {
          "lang": "de",
          "value": "In appneta tcpreplay 4.5.1 ist eine Schwachstelle entdeckt worden. Betroffen ist die Funktion calc_sleep_time der Datei send_packets.c. Durch das Beeinflussen mit unbekannten Daten kann eine divide by zero-Schwachstelle ausgenutzt werden. Der Angriff muss lokal durchgef\u00fchrt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Durch ein Upgrade auf Version 4.5.3-beta3 kann dieses Problem behoben werden. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-369",
              "description": "Divide By Zero",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-29T13:32:07.505Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-321855 | appneta tcpreplay send_packets.c calc_sleep_time divide by zero",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.321855"
        },
        {
          "name": "VDB-321855 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.321855"
        },
        {
          "name": "Submit #630493 | tcpreplay tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) floating-point exception",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.630493"
        },
        {
          "name": "Submit #630494 | tcpreplay tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) floating-point exception (Duplicate)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.630494"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/968"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/968#issuecomment-3226338070"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/16QQtZvUrMbF-i_1cGt5hNWmkn-YVyBOM/view?usp=sharing"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-29T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-29T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-29T08:37:44.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "appneta tcpreplay send_packets.c calc_sleep_time divide by zero"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9649",
    "datePublished": "2025-08-29T13:32:07.505Z",
    "dateReserved": "2025-08-29T06:32:22.398Z",
    "dateUpdated": "2025-08-29T13:48:02.248Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9384 (GCVE-0-2025-9384)

Vulnerability from cvelistv5 – Published: 2025-08-24 10:02 – Updated: 2025-08-25 20:25

Summary

A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was "[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2".

Severity ?

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

CWE

CWE-476 - NULL Pointer Dereference
CWE-404 - Denial of Service

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.321217	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.321217	signaturepermissions-required
	https://vuldb.com/?submit.630496	third-party-advisory
	https://github.com/appneta/tcpreplay/issues/971	issue-tracking
	https://github.com/appneta/tcpreplay/issues/971#i…	issue-tracking
	https://drive.google.com/file/d/1oVmsER6CXULLz_rn…	exploit

Impacted products

	Vendor	Product	Version
	appneta	tcpreplay	Affected: 4.5.0 Affected: 4.5.1 Unaffected: 4.5.2-beta2

Credits

HeureuxBuilding (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9384",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-25T20:24:47.591580Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-25T20:25:03.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tcpreplay",
          "vendor": "appneta",
          "versions": [
            {
              "status": "affected",
              "version": "4.5.0"
            },
            {
              "status": "affected",
              "version": "4.5.1"
            },
            {
              "status": "unaffected",
              "version": "4.5.2-beta2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "HeureuxBuilding (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was \"[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2\"."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in appneta tcpreplay bis 4.5.1 entdeckt. Betroffen ist die Funktion tcpedit_post_args der Datei /src/tcpedit/parse_args.c. Dank Manipulation mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden. Das Aktualisieren auf Version 4.5.2-beta2 kann dieses Problem l\u00f6sen. Es wird geraten, die betroffene Komponente zu aktualisieren."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-24T10:02:07.626Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-321217 | appneta tcpreplay parse_args.c tcpedit_post_args null pointer dereference",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.321217"
        },
        {
          "name": "VDB-321217 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.321217"
        },
        {
          "name": "Submit #630496 | tcpreplay tcprewrite  tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) Null Pointer Dereference",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.630496"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/971"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/971#issuecomment-3199014524"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1oVmsER6CXULLz_rnIyL410DJqO_hBtw_/view?usp=sharing"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-23T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-23T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-23T17:09:37.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "appneta tcpreplay parse_args.c tcpedit_post_args null pointer dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9384",
    "datePublished": "2025-08-24T10:02:07.626Z",
    "dateReserved": "2025-08-23T15:03:34.869Z",
    "dateUpdated": "2025-08-25T20:25:03.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3024 (GCVE-0-2024-3024)

Vulnerability from cvelistv5 – Published: 2024-03-28 02:00 – Updated: 2024-08-01 19:32

Summary

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.258333	vdb-entrytechnical-descriptionexploit
	https://vuldb.com/?ctiid.258333	signaturepermissions-required
	https://vuldb.com/?submit.297866	third-party-advisory
	https://docs.google.com/document/d/1wCIrViAJwGsO5…	related
	https://drive.google.com/file/d/1zV9MSkfYLIrdtK3y…	broken-linkexploit

Impacted products

	Vendor	Product	Version
	appneta	tcpreplay	Affected: 4.4.0 Affected: 4.4.1 Affected: 4.4.2 Affected: 4.4.3 Affected: 4.4.4

Credits

MSXF (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:appneta:tcpreplay:4.4.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tcpreplay",
            "vendor": "appneta",
            "versions": [
              {
                "lessThanOrEqual": "4.4.4",
                "status": "affected",
                "version": "4.4.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3024",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-28T15:36:00.568153Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T15:08:21.451Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:32:42.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VDB-258333 | appneta tcpreplay get.c get_layer4_v6 heap-based overflow",
            "tags": [
              "vdb-entry",
              "technical-description",
              "exploit",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.258333"
          },
          {
            "name": "VDB-258333 | CTI Indicators (IOB, IOC, IOA)",
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.258333"
          },
          {
            "name": "Submit #297866 | appneta tcpreplay 4.4.4 (latest) heap-buffer-overflow",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?submit.297866"
          },
          {
            "tags": [
              "related",
              "x_transferred"
            ],
            "url": "https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing"
          },
          {
            "tags": [
              "broken-link",
              "exploit",
              "x_transferred"
            ],
            "url": "https://drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/view"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tcpreplay",
          "vendor": "appneta",
          "versions": [
            {
              "status": "affected",
              "version": "4.4.0"
            },
            {
              "status": "affected",
              "version": "4.4.1"
            },
            {
              "status": "affected",
              "version": "4.4.2"
            },
            {
              "status": "affected",
              "version": "4.4.3"
            },
            {
              "status": "affected",
              "version": "4.4.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "MSXF (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in appneta tcpreplay bis 4.4.4 ausgemacht. Sie wurde als problematisch eingestuft. Dabei betrifft es die Funktion get_layer4_v6 der Datei /tcpreplay/src/common/get.c. Durch das Beeinflussen mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-28T02:00:05.886Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-258333 | appneta tcpreplay get.c get_layer4_v6 heap-based overflow",
          "tags": [
            "vdb-entry",
            "technical-description",
            "exploit"
          ],
          "url": "https://vuldb.com/?id.258333"
        },
        {
          "name": "VDB-258333 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.258333"
        },
        {
          "name": "Submit #297866 | appneta tcpreplay 4.4.4 (latest) heap-buffer-overflow",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.297866"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing"
        },
        {
          "tags": [
            "broken-link",
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/view"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-27T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-03-27T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-03-27T19:30:59.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "appneta tcpreplay get.c get_layer4_v6 heap-based overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-3024",
    "datePublished": "2024-03-28T02:00:05.886Z",
    "dateReserved": "2024-03-27T18:24:51.309Z",
    "dateUpdated": "2024-08-01T19:32:42.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-22654 (GCVE-0-2024-22654)

Vulnerability from cvelistv5 – Published: 2025-05-29 00:00 – Updated: 2025-05-30 15:00

Summary

tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/appneta/tcpreplay/issues/827
	https://gist.github.com/TimChan2001/4f25915b9952e…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-22654",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T14:59:28.190288Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-835",
                "description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T15:00:02.916Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/appneta/tcpreplay/issues/827"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-29T14:10:23.866Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/appneta/tcpreplay/issues/827"
        },
        {
          "url": "https://gist.github.com/TimChan2001/4f25915b9952e8e3453db5cf72185b88"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-22654",
    "datePublished": "2025-05-29T00:00:00.000Z",
    "dateReserved": "2024-01-11T00:00:00.000Z",
    "dateUpdated": "2025-05-30T15:00:02.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8746 (GCVE-0-2025-8746)

Vulnerability from cvelistv5 – Published: 2025-08-09 06:02 – Updated: 2025-08-11 17:56

Summary

A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library." This vulnerability only affects products that are no longer supported by the maintainer.

Severity ?

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

3.3 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

CWE

CWE-119 - Memory Corruption

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.319242	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.319242	signaturepermissions-required
	https://vuldb.com/?submit.623632	third-party-advisory
	https://github.com/appneta/tcpreplay/issues/957	issue-tracking
	https://github.com/appneta/tcpreplay/issues/957#i…	issue-tracking
	https://drive.google.com/file/d/1yjKOHxvL_9xExy4Q…	exploit
	https://www.gnu.org/	product

Impacted products

	Vendor	Product	Version
	GNU	libopts	Affected: 27.0 Affected: 27.1 Affected: 27.2 Affected: 27.3 Affected: 27.4 Affected: 27.5 Affected: 27.6

Credits

nipc-cxd (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8746",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-11T17:54:28.716974Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-11T17:56:50.375Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/appneta/tcpreplay/issues/957"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libopts",
          "vendor": "GNU",
          "versions": [
            {
              "status": "affected",
              "version": "27.0"
            },
            {
              "status": "affected",
              "version": "27.1"
            },
            {
              "status": "affected",
              "version": "27.2"
            },
            {
              "status": "affected",
              "version": "27.3"
            },
            {
              "status": "affected",
              "version": "27.4"
            },
            {
              "status": "affected",
              "version": "27.5"
            },
            {
              "status": "affected",
              "version": "27.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "nipc-cxd (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this \"bug appears to be in libopts which is an external library.\" This vulnerability only affects products that are no longer supported by the maintainer."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in GNU libopts bis 27.6 gefunden. Sie wurde als problematisch eingestuft. Es geht dabei um die Funktion __strstr_sse2. Dank der Manipulation mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-09T06:02:07.329Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-319242 | GNU libopts __strstr_sse2 memory corruption",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.319242"
        },
        {
          "name": "VDB-319242 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.319242"
        },
        {
          "name": "Submit #623632 | tcpreplay tcpliveplay tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) Segmentation Fault",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.623632"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/957"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/957#issuecomment-3124774393"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1yjKOHxvL_9xExy4QUb5x43dxci1x59ts/view?usp=sharing"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.gnu.org/"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-08T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-08T11:19:40.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "GNU libopts __strstr_sse2 memory corruption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-8746",
    "datePublished": "2025-08-09T06:02:07.329Z",
    "dateReserved": "2025-08-08T09:14:11.987Z",
    "dateUpdated": "2025-08-11T17:56:50.375Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-4256 (GCVE-0-2023-4256)

Vulnerability from cvelistv5 – Published: 2023-12-21 16:03 – Updated: 2025-02-13 17:09

Summary

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

CWE-415 - Double Free

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=2255212	issue-trackingx_refsource_REDHAT
	https://github.com/appneta/tcpreplay/issues/813
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…

Impacted products

Vendor

Product

Version

n/a

tcpreplay

	Fedora	Extra Packages for Enterprise Linux
	Fedora	Fedora

Credits

Red Hat would like to thank iskindar97@gmail.com for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:24:04.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHBZ#2255212",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255212"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/appneta/tcpreplay/issues/813"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "tcpreplay",
          "vendor": "n/a"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "tcpreplay",
          "product": "Extra Packages for Enterprise Linux",
          "vendor": "Fedora"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "tcpreplay",
          "product": "Fedora",
          "vendor": "Fedora"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank iskindar97@gmail.com for reporting this issue."
        }
      ],
      "datePublic": "2023-07-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Within tcpreplay\u0027s tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "Double Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-24T02:06:07.371Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBZ#2255212",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255212"
        },
        {
          "url": "https://github.com/appneta/tcpreplay/issues/813"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-19T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-07-19T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c",
      "x_redhatCweChain": "CWE-415: Double Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-4256",
    "datePublished": "2023-12-21T16:03:21.837Z",
    "dateReserved": "2023-08-08T20:17:30.643Z",
    "dateUpdated": "2025-02-13T17:09:26.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9157 (GCVE-0-2025-9157)

Vulnerability from cvelistv5 – Published: 2025-08-19 20:02 – Updated: 2025-08-19 20:32

Summary

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue.

Severity ?

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CWE

CWE-416 - Use After Free
CWE-119 - Memory Corruption

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.320537	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.320537	signaturepermissions-required
	https://vuldb.com/?submit.630495	third-party-advisory
	https://github.com/appneta/tcpreplay/issues/970	issue-tracking
	https://github.com/appneta/tcpreplay/issues/970#i…	issue-tracking
	https://drive.google.com/file/d/1_aONM_TOF96JbnYv…	exploit
	https://github.com/appneta/tcpreplay/commit/73008…	patch

Impacted products

	Vendor	Product	Version
	appneta	tcpreplay	Affected: 4.5.2-beta1 Affected: 4.5.2-beta2

Credits

HeureuxBuilding (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9157",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-19T20:32:34.213995Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-19T20:32:45.294Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "tcprewrite"
          ],
          "product": "tcpreplay",
          "vendor": "appneta",
          "versions": [
            {
              "status": "affected",
              "version": "4.5.2-beta1"
            },
            {
              "status": "affected",
              "version": "4.5.2-beta2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "HeureuxBuilding (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in appneta tcpreplay bis 4.5.2-beta2 entdeckt. Es geht hierbei um die Funktion untrunc_packet der Datei src/tcpedit/edit_packet.c der Komponente tcprewrite. Durch das Manipulieren mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden. Der Patch tr\u00e4gt den Namen 73008f261f1cdf7a1087dc8759115242696d35da. Es wird geraten, einen Patch zu installieren, um dieses Problem zu l\u00f6sen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T20:02:08.552Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-320537 | appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.320537"
        },
        {
          "name": "VDB-320537 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.320537"
        },
        {
          "name": "Submit #630495 | tcpreplay tcprewrite  tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) Use-After-Free",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.630495"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/970"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/970#issuecomment-3198966053"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1_aONM_TOF96JbnYviPyZhVk-7HObtX8H/view?usp=sharing"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-19T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-19T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-19T11:31:47.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9157",
    "datePublished": "2025-08-19T20:02:08.552Z",
    "dateReserved": "2025-08-19T09:26:39.372Z",
    "dateUpdated": "2025-08-19T20:32:45.294Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-51006 (GCVE-0-2025-51006)

Vulnerability from cvelistv5 – Published: 2025-09-22 00:00 – Updated: 2025-09-22 15:53

Summary

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/appneta/tcpreplay/issues/926
	https://github.com/sy460129/CVE-2025-51006

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-51006",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-22T15:52:02.489600Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-415",
                "description": "CWE-415 Double Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-22T15:53:57.492Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Within tcpreplay\u0027s tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-22T13:42:04.889Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/appneta/tcpreplay/issues/926"
        },
        {
          "url": "https://github.com/sy460129/CVE-2025-51006"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-51006",
    "datePublished": "2025-09-22T00:00:00.000Z",
    "dateReserved": "2025-06-16T00:00:00.000Z",
    "dateUpdated": "2025-09-22T15:53:57.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-9385 (GCVE-0-2025-9385)

Vulnerability from cvelistv5 – Published: 2025-08-24 10:32 – Updated: 2025-08-25 20:25

Summary

A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component.

Severity ?

4.8 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CWE

CWE-416 - Use After Free
CWE-119 - Memory Corruption

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.321218	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.321218	signaturepermissions-required
	https://vuldb.com/?submit.630497	third-party-advisory
	https://github.com/appneta/tcpreplay/issues/972	issue-tracking
	https://github.com/appneta/tcpreplay/issues/972#i…	issue-tracking
	https://drive.google.com/file/d/1BQZF558bRHv07wtl…	exploit

Impacted products

	Vendor	Product	Version
	appneta	tcpreplay	Affected: 4.5.0 Affected: 4.5.1 Unaffected: 4.5.2-beta3

Credits

HeureuxBuilding (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9385",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-25T20:25:28.234106Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-25T20:25:47.249Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "tcprewrite"
          ],
          "product": "tcpreplay",
          "vendor": "appneta",
          "versions": [
            {
              "status": "affected",
              "version": "4.5.0"
            },
            {
              "status": "affected",
              "version": "4.5.1"
            },
            {
              "status": "unaffected",
              "version": "4.5.2-beta3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "HeureuxBuilding (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component."
        },
        {
          "lang": "de",
          "value": "In appneta tcpreplay bis 4.5.1 wurde eine Schwachstelle gefunden. Betroffen davon ist die Funktion fix_ipv6_checksums der Datei edit_packet.c der Komponente tcprewrite. Mit der Manipulation mit unbekannten Daten kann eine use after free-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden. Das Problem kann durch ein Upgrade auf Version 4.5.2-beta3 adressiert werden. Ein Upgrade der betroffenen Komponente wird empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.3,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-24T10:32:06.713Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-321218 | appneta tcpreplay tcprewrite edit_packet.c fix_ipv6_checksums use after free",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.321218"
        },
        {
          "name": "VDB-321218 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.321218"
        },
        {
          "name": "Submit #630497 | tcpreplay tcprewrite  tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) Use-After-Free",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.630497"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/972"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/appneta/tcpreplay/issues/972#issuecomment-3199019278"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1BQZF558bRHv07wtlCoZgtqTlEpHgfytp/view?usp=sharing"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-23T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-23T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-23T17:12:22.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "appneta tcpreplay tcprewrite edit_packet.c fix_ipv6_checksums use after free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9385",
    "datePublished": "2025-08-24T10:32:06.713Z",
    "dateReserved": "2025-08-23T15:07:12.250Z",
    "dateUpdated": "2025-08-25T20:25:47.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

OPENSUSE-SU-2025-20119-1

CVE-2025-9386 (GCVE-0-2025-9386)

CVE-2023-43279 (GCVE-0-2023-43279)

CVE-2025-9649 (GCVE-0-2025-9649)

CVE-2025-9384 (GCVE-0-2025-9384)

CVE-2024-3024 (GCVE-0-2024-3024)

CVE-2024-22654 (GCVE-0-2024-22654)

CVE-2025-8746 (GCVE-0-2025-8746)

CVE-2023-4256 (GCVE-0-2023-4256)

CVE-2025-9157 (GCVE-0-2025-9157)

CVE-2025-51006 (GCVE-0-2025-51006)

CVE-2025-9385 (GCVE-0-2025-9385)

Tags

Sightings

Nomenclature