PT-2023-9852 · Tcpreplay+4

Marsman1996 · Published 2023-03-01 · Updated 2025-01-28 · CVE-2023-27789

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Tcpreplay version 4.4.3

Description

The issue is in the cidr2cidr() function of the Tcpreplay utility, which is part of the PCAP file handler. The function contains an uncontrolled reachable assertion that a remote attacker can exploit to cause a denial of service.

Recommendations

For version 4.4.3, consider disabling the cidr2cidr() function as a temporary workaround until a patch is available. Restrict access to the cidr.c file to minimize the risk of exploitation. Avoid using the cidr2cidr() function in the affected endpoint until the issue is resolved.

Exploit · Fix · DoS · Assertion Failure

Weakness Enumeration

Related Identifiers

ALT-PU-2023-6893
BDU:2025-00907
CVE-2023-27789
MGASA-2023-0188
USN-7231-1

Affected Products

Alt Linux
Debian
Linuxmint
Tcpreplay
Ubuntu