CVE-2023-4256 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-4256 PUBLISHED CVSS 5.5 MEDIUM

Reported by redhat · Published December 21, 2023

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
n/a	tcpreplay
Fedora	Extra Packages for Enterprise Linux
Fedora	Fedora
Fedora	Fedora
Fedora	Extra Packages for Enterprise Linux
n/a	tcpreplay

Timeline

Dec 21, 2023 CVE Published
Dec 22, 2023 EPSS Score
Jan 19, 2024 EPSS Score
Feb 17, 2024 EPSS Score
Mar 16, 2024 EPSS Score
Apr 14, 2024 EPSS Score
May 12, 2024 EPSS Score
Jun 9, 2024 EPSS Score
Jul 8, 2024 EPSS Score
Aug 5, 2024 EPSS Score
Sep 2, 2024 EPSS Score
Oct 1, 2024 EPSS Score

References

RHBZ#2255212 issue-trackingx_refsource_REDHAT

Open in Interactive Console →