sy460129

2 exploits Active since Sep 2025
CVE-2025-51005 NOMISEC HIGH SUSPICIOUS
tcpreplay 4.5.1 - Heap-based Buffer Overflow in Checksum Calculation Logic
A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service.
CVSS 7.5
CVE-2025-51006 NOMISEC HIGH SUSPICIOUS
tcpreplay - Denial of Service via Double Free in dlt_linuxsll2_cleanup
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption.
CVSS 7.8