CVE-2023-27783: 
NixOS vulnerability analysis and mitigation

CVE-2023-27783 is a vulnerability discovered in TCPreplay tcprewrite version 4.4.3 that allows remote attackers to cause a denial of service through the tcpeditdltcleanup function located in plugins/dlt_plugins.c. The vulnerability was disclosed on March 16, 2023, affecting the network traffic replay tool that supports pcap and snoop capture formats (NVD).

The vulnerability stems from improper handling of memory in the tcpeditdltcleanup function within the plugins/dltplugins.c file. The issue specifically occurs when using the tcprewrite utility in DLTJUNIPER_ETHER mode. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction (NVD).

When successfully exploited, the vulnerability results in a denial of service condition through a crash in the CLI tool. The impact is primarily focused on service availability, with no direct effect on confidentiality or integrity of the system (Debian).

The vulnerability has been fixed in tcpreplay version 4.4.4. The fix involves adding proper validation checks for the subctx before cleanup in the dltjnprether_cleanup function. Various Linux distributions have released security updates to address this vulnerability, including Fedora and Ubuntu (GitHub PR, Fedora Update).