Ubuntu 7231-1: Tcpreplay Security Advisory Updates
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Tcpreplay could be made to crash if it received specially crafted input. Software Description: - tcpreplay: Tool to replay saved tcpdump files at arbitrary speeds Details: It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-27783) It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. (CVE-2023-27784, CVE-2023-27785, CVE-2023-27786, CVE-2023-27787, CVE-2023-27788, CVE-2023-27789) It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. An attacker cou...
Read the Full AdvisoryUpdate Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS tcpreplay 4.4.4-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS tcpreplay 4.3.4-1ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 20.04 LTS tcpreplay 4.3.2-1ubuntu0.1~esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS tcpreplay 4.2.6-1ubuntu0.1~esm5 Available with Ubuntu Pro Ubuntu 16.04 LTS tcpreplay 3.4.4-2+deb8u1ubuntu0.1~esm3 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7231-1
CVE-2023-27783, CVE-2023-27784, CVE-2023-27785, CVE-2023-27786,
CVE-2023-27787, CVE-2023-27788, CVE-2023-27789, CVE-2023-4256,
CVE-2023-43279
Package Information
