Vulnerabilities > CVE-2022-28487 - Memory Leak vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
OS | 3 |
Common Weakness Enumeration (CWE)
References
- https://github.com/appneta/tcpreplay/pull/720
- https://github.com/appneta/tcpreplay/issues/723
- https://security.gentoo.org/glsa/202210-08
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC/