CVE-2019-8381

Public Exploit

Description

An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.

References

Link	Tags
https://github.com/appneta/tcpreplay/issues/538	issue tracking exploit third party advisory
https://research.loginsoft.com/bugs/invalid-memory-access-vulnerability-in-function-do_checksum-tcpreplay-4-3-1/	third party advisory exploit
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLPY6W7Z7G6PF2JN4LXXHCACYLD4RBG6/	vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/	vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EB3ASS7URTIA3IFSBL2DIWJAFKTBJCAW/	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2019-8381?: CVE-2019-8381 has been scored as a high severity vulnerability.
How to fix CVE-2019-8381?: To fix CVE-2019-8381, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2019-8381 being actively exploited in the wild?: It is possible that CVE-2019-8381 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions