CVE-2024-54192
Denial of Service in Tcpreplay v4.5.1 via tcpedit_dlt_getplugin
Publication date: 2026-02-10
Last updated on: 2026-02-18
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| appneta | tcpreplay | 4.5.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2024-54192 is a vulnerability in the tcpreplay tool version 4.5.1 where a local attacker can cause a denial of service by triggering a segmentation fault (SEGV) in the function tcpedit_dlt_getplugin located in src/tcpedit/plugins/dlt_utils.c.
The issue arises from improper handling of crafted input files that contain invalid Juniper (jnpr) header lengths, which leads to an invalid memory read and program crash.
A patch was introduced to add validation checks for these header lengths to prevent the segmentation fault and improve the robustness of the packet rewriting tool.
How can this vulnerability impact me? :
This vulnerability can cause the tcpreplay tool to crash unexpectedly when processing specially crafted input files, resulting in a denial of service.
If you rely on tcpreplay for network packet replay or testing, an attacker with local access could exploit this flaw to disrupt your operations by causing the tool to terminate.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by running the tcprewrite program with crafted input files that trigger the segmentation fault in the tcpedit_dlt_getplugin function. Specifically, executing tcprewrite with command-line options such as --dlt=enet and Ethernet MAC address parameters on a proof-of-concept input file can reproduce the crash.
A suggested command to detect the vulnerability is to build and configure the tcpreplay software, then run:
- tcprewrite --dlt=enet --enet-smac=00:11:22:33:44:55 --enet-dmac=66:77:88:99:AA:BB <input_file>
If the program crashes with a segmentation fault, it indicates the presence of the vulnerability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update tcpreplay to a version that includes the patch fixing the issue. The fix involves a validation check for invalid Juniper header lengths in the tcpedit_dlt_getplugin function, preventing the segmentation fault.
The patch was merged into the 4.5.0-beta1 branch on June 8, 2024, so upgrading to this version or later will address the vulnerability.
Until an update is applied, avoid processing untrusted or crafted input files with tcprewrite to prevent denial of service.