CVE-2019-8381 - log back

CVE-2019-8381 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ An issue was discovered in tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
References
+ https://research.loginsoft.com/bugs/invalid-memory-access-vulnerability-in-function-do_checksum-tcpreplay-4-3-1/
+ https://github.com/appneta/tcpreplay/issues/538
+ https://github.com/appneta/tcpreplay/pull/548/commits/dae97cbafc5c06ebbc6b34e76ba614104f1b73e1
Notes