CVE-2025-9385

Vulnerability

CVE-2025-9385

A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component.

References

launchpad.net/ubuntu-cve-tracker: https://drive.google.com/file/d/1BQZF558bRHv07wtlCoZgtqTlEpHgfytp/view?usp=sharing
launchpad.net/ubuntu-cve-tracker: https://github.com/appneta/tcpreplay/issues/972#issuecomment-3199019278
launchpad.net/ubuntu-cve-tracker: https://vuldb.com/?ctiid.321218
launchpad.net/ubuntu-cve-tracker: https://vuldb.com/?id.321218
launchpad.net/ubuntu-cve-tracker: https://vuldb.com/?submit.630497
launchpad.net/ubuntu-cve-tracker: https://www.cve.org/CVERecord?id=CVE-2025-9385

severityl

low

type: vendor

source: launchpad.net/ubuntu-cve-tracker

published: 2025-08-24 11:15:00

Detection

No detection criteria available for this vulnerability.

Data Sources

Ubuntu CVE Tracker
ubuntu-cve-tracker
- raw: ghcr.io/vulsio/vuls-data-db:vuls-data-raw-ubuntu-cve-tracker
- extracted: ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-ubuntu-cve-tracker

FutureVuls|GitHub