Date: Tue, 5 Jul 2016 16:32:05 +0200 From: Christoph Biedl <debian.axhn@...chmal.in-ulm.de> To: oss-security@...ts.openwall.com Subject: CVE-2016-6160: Segmentation fault in tcprewrite (tcpreplay) Hello, as already reported in Debian BTS#829350, the tcprewrite program, part of the tcpreplay suite, does not check the size of the frames it processes. Huge frames may trigger a segmentation fault, and they occur on interfaces with an MTU of or close to 65536. For example, the loopback interface lo of the Linux kernel has such a value. This has been assigned CVE-2016-6160. The Debian BTS also contains a fix. Christoph  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829350 Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.