helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-05-18 23:35:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

tcpreplay 4.4.4: Fix CVE-2025-9384

Browse Source 
There is a NULL Pointer Dereference in ports2PORT when the user passes ill-formatted
portmap string to tcprewrite with option -r or --portmap

Upstream Repository: https://github.com/appneta/tcpreplay.git

Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2025-9384
CVE: CVE-2025-9384

Signed-off-by: Jackson <jacksonj2@kpit.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Jackson 2026-01-17 11:26:25 +05:30 committed by Gyorgy Sarvari
parent 70b16622ab
commit eb933671af
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2025-9384.patch Normal file
View File

@ -0,0 +1,38 @@
From 5c12534cdb3c360fb8ec1a8d83ec64449bc9e41d Mon Sep 17 00:00:00 2001
From: Jackson <jacksonj2@kpit.com>
Date: Mon, 12 Jan 2026 00:32:07 +0530
Subject: [PATCH] CVE-2025-9384: Bug #894 stop on --portmap syntax error
src/tcprewrite -r 1:2 -i ping.pcap -c ping.cache -o out.pcap
src/tcprewrite -r 1-:2 -i ping.pcap -c ping.cache -o out.pcap
Fatal Error in ../../src/tcprewrite.c:main() line 86:
Unable to parse args: From ../../../src/tcpedit/parse_args.c:tcpedit_post_args() line 189:
Unable to parse --portmap=1-:2
CVE: CVE-2025-9384
Upstream-Status: Backport [https://github.com/appneta/tcpreplay/pull/946/commits/f6e6ee460ad9fe01e24a1579166b3f7a8c2158a7]
Comment: Patch refreshed
Signed-off-by: Jackson <jacksonj2@kpit.com>
---
src/tcpedit/portmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tcpedit/portmap.c b/src/tcpedit/portmap.c
index 5fe1779..1e54728 100644
--- a/src/tcpedit/portmap.c
+++ b/src/tcpedit/portmap.c
@@ -104,7 +104,7 @@ ports2PORT(char *ports)
from_begin = strtok_r(from_s, "-", &token2);
from_end = strtok_r(NULL, "-", &token2);
long from_b = strtol(from_begin, &badchar, 10);
- if (strlen(badchar) != 0) {
+ if (!from_begin || !from_end || strlen(badchar) != 0) {
free(portmap);
return NULL;
}
--
2.34.1

1
meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb
View File

@ -15,6 +15,7 @@ SRC_URI = "https://github.com/appneta/tcpreplay/releases/download/v${PV}/tcprepl
file://CVE-2023-43279.patch \
file://CVE-2025-9157.patch \
file://CVE-2025-51006.patch \
file://CVE-2025-9384.patch \
"
SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf"