Libpcap Out-of-Bounds Read and Write Vulnerability in Pcap_Ether_Aton Function

A vulnerability allowing out-of-bounds read and write has been identified in the 'pcap_ether_aton' function of Libpcap. This function, which is part of the public API, is supposed to convert a string representation of a MAC-48 address into a binary format. However, the function does not properly validate the input string, leading to potential memory corruption. If an application calls this function with a malformed MAC address, it can cause the function to read past the end of the input string and write beyond the allocated output buffer. This issue arises because the function relies on a simple loop to parse the address, without checking if the input is well-formed. The vulnerability affects Libpcap versions prior to 1.10.6.

Impact

Exploitation of this vulnerability can lead to memory corruption by allowing out-of-bounds reads and writes. Such memory corruption could potentially be exploited to execute arbitrary code or cause a crash, depending on the context in which the vulnerability is triggered.

Reproduction

The vulnerability can be reproduced by calling the 'pcap_ether_aton' function with a string that does not conform to the expected MAC-48 address formats. The function will then read and write outside the bounds of the provided string and the allocated buffer.

Remediation

Users can upgrade to Libpcap version 1.10.6 or later, where this vulnerability has been fixed.