Advisories ยป MGASA-2020-0437

Updated tcpreplay package fixes security vulnerabilities

Publication date: 23 Nov 2020
Modification date: 23 Nov 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-24265 , CVE-2020-24266

Description

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer
overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep
crash and cause a denial of service (CVE-2020-24265).

An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer
overflow vulnerability in get_l2len() that can make tcpprep crash and cause a
denial of service (CVE-2020-24266).
                

References

SRPMS

7/core