CVE-2022-27942
https://notcve.org/view.php?id=CVE-2022-27942
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. tcpprep en Tcpreplay versión 4.4.1 presenta una lectura excesiva de búfer en la región heap de la memoria en la función parse_mpls en el archivo common/get.c • https://github.com/appneta/tcpreplay/issues/719 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC https://security.gentoo.org/glsa/202210-08 • CWE-125: Out-of-bounds Read •
CVE-2022-25484
https://notcve.org/view.php?id=CVE-2022-25484
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1. tcpprep versión v4.4.1, presenta una aserción alcanzable (assert(l2len ) 0)) en la función packet2tree() en el archivo tree.c en tcpprep v4.4.1 • https://github.com/appneta/tcpreplay/issues/715 • CWE-617: Reachable Assertion •