CVE-2018-20552

CWE-125Out-of-bounds Read6 documents6 sources
Severity
7.8HIGH
EPSS
0.2%
top 56.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom Tcpreplay
Timeline
PublishedDec 28
Latest updateOct 4

Description

Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDbroadcom/tcpreplay< 4.3.1
Debiantcpreplay< 4.3.1-1+3

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-fcjg-28m6-vxv9: Tcpreplay before 42022-05-13
OSV
CVE-2018-20552: Tcpreplay before 42018-12-28
CVEList
CVE-2018-20552: Tcpreplay before 42018-12-28

📋Vendor Advisories

2
Ubuntu
Tcpreplay vulnerabilities2022-10-04
Debian
CVE-2018-20552: tcpreplay - Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree....2018
CVE-2018-20552 (HIGH CVSS 7.8) | Tcpreplay before 4.3.1 has a heap-b | cvebase.io