{"id":"CVE-2025-9157","details":"A use-after-free vulnerability was found in appneta tcpreplay up to 4.5.2-beta2. The affected code is the function untrunc_packet in the file src/tcpedit/edit_packet.c of the tcprewrite component. Manipulation can lead to a use after free. The attack can be launched on the local host. The exploit has been publicly disclosed and may be used. The patch is identified as 73008f261f1cdf7a1087dc8759115242696d35da. Applying the patch is advised to resolve this issue.","modified":"2026-04-11T03:28:59.119295Z","published":"2025-08-19T20:15:37.310Z","related":["openSUSE-SU-2025:15728-1","openSUSE-SU-2025:20119-1"],"references":[{"type":"WEB","url":"https://vuldb.com/?submit.630495"},{"type":"WEB","url":"https://drive.google.com/file/d/1_aONM_TOF96JbnYviPyZhVk-7HObtX8H/view?usp=sharing"},{"type":"WEB","url":"https://vuldb.com/?ctiid.320537"},{"type":"WEB","url":"https://vuldb.com/?id.320537"},{"type":"REPORT","url":"https://github.com/appneta/tcpreplay/issues/970"},{"type":"REPORT","url":"https://github.com/appneta/tcpreplay/issues/970#issuecomment-3198966053"},{"type":"FIX","url":"https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/appneta/tcpreplay","events":[{"introduced":"0"},{"fixed":"73008f261f1cdf7a1087dc8759115242696d35da"}]}],"versions":["v3.4.2","v3.4.3","v3.4.4","v4.0.0","v4.0.0beta1","v4.0.0beta2","v4.0.1","v4.0.2","v4.0.3","v4.0.4","v4.0.5","v4.0.5beta1","v4.0.5beta2","v4.0.5beta3","v4.1.0","v4.1.0beta1","v4.1.0beta2","v4.1.1","v4.1.1-beta2","v4.1.1-beta3","v4.1.2","v4.2.6","v4.4.3"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","signature_type":"Function","id":"CVE-2025-9157-02b2c0e6","target":{"file":"src/common/sendpacket.h","function":"kick_tx"},"digest":{"function_hash":"328974087607412167336739022779689300187","length":635},"source":"https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc87
59115242696d35da","deprecated":false},{"signature_version":"v1","signature_type":"Line","id":"CVE-2025-9157-0e30c689","target":{"file":"src/common/sendpacket.h"},"digest":{"line_hashes":["19628962945387001136090884324675050071","113063468747715974689397983761155799458","101940827274302632927073457419324534871","66348440111304200964489554960775311010"],"threshold":0.9},"source":"https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da","deprecated":false},{"signature_version":"v1","signature_type":"Function","id":"CVE-2025-9157-19ae82a7","target":{"file":"src/tcpedit/edit_packet.c","function":"untrunc_packet"},"digest":{"function_hash":"218537400204354682112518451400835951551","length":1925},"source":"https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da","deprecated":false},{"signature_version":"v1","signature_type":"Line","id":"CVE-2025-9157-7e369ec4","target":{"file":"src/tcpedit/edit_packet.c"},"digest":{"line_hashes":["311638448632200243448626576368432857809","262969340522840702234456712089739320088","29032276265835153425650451824912449775","304385322920033473258116721690707467852"],"threshold":0.9},"source":"https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da","deprecated":false},{"signature_version":"v1","signature_type":"Function","id":"CVE-2025-9157-a5284362","target":{"file":"src/tcprewrite.c","function":"rewrite_packets"},"digest":{"function_hash":"68992610171752203025817196903415234098","length":2403},"source":"https://github.com/appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da","deprecated":false},{"signature_version":"v1","signature_type":"Line","id":"CVE-2025-9157-d477aff5","target":{"file":"src/tcprewrite.c"},"digest":{"line_hashes":["91237455740800186492158709295618978963","248279307656741066594751877305855593064","263934966825246672697957659366178751789","212386188721125584022658031331624949494"],"threshold":0.9},"source":"https://github.com/
appneta/tcpreplay/commit/73008f261f1cdf7a1087dc8759115242696d35da","deprecated":false}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-9157.json","vanir_signatures_modified":"2026-04-11T03:28:59Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"}]}