CVE-2025-9019

15.08.2025, 07:15

A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The researcher is able to reproduce this with the latest official release 4.5.1 and the current master branch. The code maintainer cannot reproduce this for 4.5.2-beta1. In his reply the maintainer explains that "[i]n that case, this is a duplicate that was fixed in 4.5.2."

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	3.1 LOW	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
VulDB	CNA	3.1 LOW				CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:X/RC:C

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

tcpreplay

bullseye	vulnerable
bookworm	vulnerable
forky	vulnerable
sid	vulnerable
trixie	vulnerable

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

https://drive.google.com/file/d/13SQYVIb_YQoRfaJaaLf6iLtMiCRCHlBc/view?usp=sharing

https://github.com/appneta/tcpreplay/issues/958

https://github.com/appneta/tcpreplay/issues/958#issuecomment-3124876035

https://github.com/appneta/tcpreplay/issues/959

https://vuldb.com/?ctiid.320080

https://vuldb.com/?id.320080

https://vuldb.com/?submit.623635

https://vuldb.com/?submit.623636

https://vuldb.com/?submit.623637

https://vuldb.com/?submit.623638

https://vuldb.com/?submit.623639