CVE-2025-51006 — HIGH (7.8)

Vulnerability Description

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedit_dlt_cleanup() indirectly invokes the cleanup routine multiple times on the same memory region. By supplying a specifically crafted pcap file to the tcprewrite binary, a local attacker can exploit this flaw to cause a Denial of Service (DoS) via memory corruption.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Broadcom	Tcpreplay	4.5.1

Related Weaknesses (CWE)

CWE-415

References

https://github.com/appneta/tcpreplay/issues/926ExploitIssue TrackingPatch
https://github.com/sy460129/CVE-2025-51006ExploitThird Party Advisory

FAQ

What is CVE-2025-51006?

CVE-2025-51006 is a vulnerability with a CVSS score of 7.8 (HIGH). Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxsll2.c. This vulnerability is triggered when tcpedi...

How severe is CVE-2025-51006?

CVE-2025-51006 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-51006?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Tcpreplay.