Updated tcpreplay package fixes security vulnerabilities
Publication date: 23 Nov 2020Modification date: 23 Nov 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-24265 , CVE-2020-24266
Description
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service (CVE-2020-24265). An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service (CVE-2020-24266).
References
SRPMS
7/core
- tcpreplay-4.3.3-1.1.mga7