CVE-2018-20553

CWE-125: Out-of-bounds Read | 6 documents | 6 sources
Severity: 7.8 HIGH
EPSS: 0.2% (top 57.42%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Dec 28
Latest update: Oct 4

Description

Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (2 packages)

NVD: broadcom/tcpreplay < 4.3.1
Debian: tcpreplay < 4.3.1-1+3

Patches

🔴 Vulnerability Details (3)

GHSA
GHSA-fqcf-3qqq-pqx8: Tcpreplay before 4 (2022-05-13)
CVEList
CVE-2018-20553: Tcpreplay before 4 (2018-12-28)
OSV
CVE-2018-20553: Tcpreplay before 4 (2018-12-28)

📋 Vendor Advisories (2)

Ubuntu
Tcpreplay vulnerabilities (2022-10-04)
Debian
CVE-2018-20553: tcpreplay - Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/... (2018)
CVE-2018-20553 (HIGH CVSS 7.8) | Tcpreplay before 4.3.1 has a heap-b | cvebase.io