Critical Vulnerability Information Vulnerability Title tcpreplay tcpreplay version 6fcbf03 (the newest master in https://github.com/appneta/tcpreplay) floating-point exception Vulnerability Description TCPPREPLAY Division by Zero Vulnerability in calc_sleep_time Function (PPS Mode Line 1125) Vulnerability Summary A critical division-by-zero vulnerability exists in the tcpreplay utility within the tcpreplay package. This vulnerability occurs in the calc_sleep_time function at line 1125 in send_packets.c, triggered when processing malformed PPS (packets per second) parameters. This leads to a floating-point exception and program termination. Technical Details Vulnerability Type: Floating-point exception Affected Function: calc_sleep_time Source File: send_packets.c Line Numbers: 1125, 67 Signal: SIGFPE (08) Vulnerability Mechanism and Root Cause This floating-point exception vulnerability is caused by insufficient input validation in the PPS parameter handling logic. The root cause lies within the calc_sleep_time function, where a division operation is performed without checking whether the divisor is zero. Vulnerability Trigger Conditions 1. The program processes extremely small packet rate values, resulting in division by zero. 2. This affects the packet rate limiting calculation within the calc_sleep_time function. 3. The tcpreplay_replay function initializes packet replay processing at tcpreplay_api.c:1201. 4. Control flow proceeds to 'replay_replay_index' at replay.c:54 for index-based replay. 5. The 'replay_file' function at replay.c:179 handles the packet stream.