CVE-2018-17974

Summary

CVE	CVE-2018-17974
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-10-03 22:29:00 UTC
Updated	2022-04-02 03:30:00 UTC
Description	An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service.

Risk And Classification

Problem Types: CWE-125

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Appneta	Tcpreplay	4.3.0	beta1	All	All
Application	Appneta	Tcpreplay	4.3.0	beta1	All	All
Application	Broadcom	Tcpreplay	4.3.0	beta1	All	All

References

Reference	Source	Link	Tags
Heap overflow in dlt_en10mb_encode() · Issue #486 · appneta/tcpreplay · GitHub	MISC	github.com	Exploit, Third Party Advisory
covering360/tcpreplay at master · SegfaultMasters/covering360 · GitHub	MISC	github.com	Exploit, Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.