Wind River Support Network

HomeDefectsLIN9-7674

Fixed

LIN9-7674 : Security Advisory - tcpreplay - CVE-2018-18407

Created: Oct 31, 2018 Updated: Dec 10, 2018

Resolved Date: Nov 12, 2018

Found In Version: 9.0.0.18

Fix Version: 9.0.0.19

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.

https://nvd.nist.gov/vuln/detail/CVE-2018-18407

Other Downloads

Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-18407