CVE-2022-28487

CWE-401Memory Leak7 documents7 sources
Severity
7.5HIGH
EPSS
0.5%
top 35.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom TcpreplayFedoraproject Fedora
Timeline
PublishedMay 4
Latest updateOct 4

Description

Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

Debiantcpreplay< 4.4.2-1+2

Also affects: Fedora 35, 36, 37

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-g42m-vjq2-x6h8: Tcpreplay version 42022-05-05
OSV
CVE-2022-28487: Tcpreplay version 42022-05-04
CVEList
CVE-2022-28487: Tcpreplay version 42022-05-04

📋Vendor Advisories

3
Ubuntu
Tcpreplay vulnerabilities2022-10-04
Red Hat
tcpreplay: memory leak in fix_ipv6_checksums() function2022-05-04
Debian
CVE-2022-28487: tcpreplay - Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() f...2022
CVE-2022-28487 (HIGH CVSS 7.5) | Tcpreplay version 4.4.1 contains a | cvebase.io