CVE-2025-9386

Name
CVE-2025-9386
Description
A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
exploit https://drive.google.com/file/d/1DcQWaTmj1HSbRidOCWwe9vtgHsBnFuX7/view?usp=sharing
issue-tracking https://github.com/appneta/tcpreplay/issues/973
signature https://vuldb.com/?ctiid.321219
vdb-entry https://vuldb.com/?id.321219
third-party-advisory https://vuldb.com/?submit.630498

Match rules

CPE URI Source package Min version Max version
tcpreplay == 4.5.0 == 4.5.0
tcpreplay == 4.5.1 == 4.5.1
tcpreplay == 4.5.2-beta3 == 4.5.2-beta3
cpe:2.3:a:broadcom:tcpreplay:*:*:*:*:*:*:*:* tcpreplay >= None <= 4.5.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
tcpreplay edge-community 4.5.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
tcpreplay edge-community 4.4.1-r0 None possibly vulnerable
tcpreplay edge-community 4.3.4-r0 None possibly vulnerable
tcpreplay edge-community 4.3.2-r0 None possibly vulnerable
tcpreplay 3.22-community 4.5.1-r0 Celeste <cielesti@protonmail.com> possibly vulnerable
tcpreplay 3.22-community 4.4.1-r0 None possibly vulnerable
tcpreplay 3.22-community 4.3.4-r0 None possibly vulnerable
tcpreplay 3.22-community 4.3.2-r0 None possibly vulnerable