Assertion Vulnerability in Tcpreplay Affects Multiple Versions
CVE-2022-27939

5.5MEDIUM

Key Information:

Vendor
Broadcom
Status
Tcpreplay
Vendor
CVE Published:
26 March 2022

Summary

An assertion vulnerability has been identified in Tcpreplay 4.4.1 specifically located in the function get_layer4_v6 within common/get.c. This flaw allows for potential unexpected behavior during the processing of network traffic, which may be exploited by an attacker to disrupt normal functions or manipulate the application's intended operations. Users of the affected version are advised to review their systems and apply the necessary patches to mitigate this risk.

References

https://github.com/appneta/tcpreplay/issues/717
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisory

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.