CVE-2018-17974
First published: Wed Oct 03 2018(Updated: )
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Tcpreplay | =4.3.0-beta1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue in Tcpreplay?
The vulnerability ID for this issue in Tcpreplay is CVE-2018-17974.
What is the severity of CVE-2018-17974?
The severity of CVE-2018-17974 is medium.
What is the affected software version of CVE-2018-17974?
The affected software version of CVE-2018-17974 is Tcpreplay 4.3.0 beta1.
How does CVE-2018-17974 occur?
CVE-2018-17974 occurs due to a heap-based buffer over-read triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c in Tcpreplay 4.3.0 beta1.
Are there any references related to CVE-2018-17974?
Yes, there are references related to CVE-2018-17974. You can find them at the following links: [Reference 1](https://github.com/SegfaultMasters/covering360/tree/master/tcpreplay) [Reference 2](https://github.com/appneta/tcpreplay/issues/486)
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/broadcom
- canonical/broadcom tcpreplay
- version/broadcom tcpreplay/4.3.0-beta1