cvedb.io
CVE-2025-51006
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2025-09-22T14:15:49.713 · Last modified 2026-06-17T09:35:30.247

Summary

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption.

Affected products

broadcom — tcpreplay

Does this affect you?

Add your gear to cvedb and we'll alert you only when broadcom ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.