diff options
| author | Archana Polampalli <archana.polampalli@windriver.com> | 2025-10-08 16:18:30 +0530 |
|---|---|---|
| committer | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-10-17 10:51:26 +0200 |
| commit | b6c9eb2ce5dba2a1794b761e49ccc0556362475e (patch) | |
| tree | f1568faba945980ec21437c4d229b973b812f322 /meta-oe/lib | |
| parent | 0538af085a47b038e369db9872ffed8945b200c2 (diff) | |
| download | meta-openembedded-b6c9eb2ce5dba2a1794b761e49ccc0556362475e.tar.gz | |
tcpreplay: fix CVE-2025-51006
Within tcpreplay's tcprewrite, a double free vulnerability has been identified
in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c.
This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly
invokes the cleanup routine multiple times on the same memory region.
By supplying a specifically crafted pcap file to the tcprewrite binary,
a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Diffstat (limited to 'meta-oe/lib')
0 files changed, 0 insertions, 0 deletions
