GNU Libopts Memory Corruption Vulnerability in Tcpreplay's Tcpliveplay Utility
Vulnerability
A memory corruption vulnerability has been identified in GNU Libopts versions through 27.6. The fault occurs in the function '__strstr_sse2' in the string-processing code of GNU libc. It is triggered when tcpreplay's 'tcpliveplay' utility processes a malformed configuration file supplied through the '--load-opts' command-line option, and it results in a segmentation fault that crashes the program. Exploitation requires local access. The vulnerability has been publicly disclosed, and a proof-of-concept exploit is available.
Impact
Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the 'tcpliveplay' utility.
Reproduction
To reproduce the vulnerability, compile 'tcpliveplay' with AddressSanitizer enabled, then run it with the '--load-opts' option followed by a malformed configuration file that triggers the fault. The 'tcpliveplay' version '6fcbf03' (the newest master) is affected.
