oss-sec mailing list archives
CVE-2016-6160: Segmentation fault in tcprewrite (tcpreplay)
From: Christoph Biedl <debian.axhn () manchmal in-ulm de>
Date: Tue, 5 Jul 2016 16:32:05 +0200
Hello, as already reported in Debian BTS#829350, the tcprewrite program, part of the tcpreplay suite, does not check the size of the frames it processes. Huge frames may trigger a segmentation fault, and they occur on interfaces with an MTU of or close to 65536. For example, the loopback interface lo of the Linux kernel has such a value. This has been assigned CVE-2016-6160. The Debian BTS also contains a fix. Christoph [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829350
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE-2016-6160: Segmentation fault in tcprewrite (tcpreplay) Christoph Biedl (Jul 05)