PatchSiren cyber security CVE debrief

CVE-2016-6160 Broadcom CVE debrief

CVE-2016-6160 is a denial-of-service flaw in tcprewrite from tcpreplay before 4.1.2. According to NVD, a large frame can trigger a segmentation fault, making the issue relevant for availability-focused deployments that process untrusted or externally sourced traffic data.

Vendor: Broadcom
Product: CVE-2016-6160
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-23
Original CVE updated: 2026-05-13
Advisory published: 2017-01-23
Advisory updated: 2026-05-13

Who should care

Administrators, build and release teams, and security owners for systems that use tcpreplay or tcprewrite, especially when processing packet captures or traffic inputs from untrusted sources. Package maintainers should also confirm whether their distributions backport the fix.

Technical summary

NVD describes the issue as a network-adjacent denial of service in tcprewrite, with a large frame leading to a segmentation fault. The vulnerability is mapped to CWE-399 and scored CVSS 3.0 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NVD lists tcpreplay versions up to 4.1.1 as vulnerable and notes this is related to CVE-2017-14266.

Defensive priority

High for environments that rely on tcpreplay/tcprewrite in operational pipelines, because the impact is service interruption rather than data compromise and the attack complexity is low. Treat as a priority availability fix if the tool is exposed to untrusted inputs.

Recommended defensive actions

  • Upgrade tcpreplay to 4.1.2 or later.
  • Check vendor or distribution advisories for backported fixes if you use packaged builds.
  • Inventory any workflows that invoke tcprewrite on packet captures or other externally sourced inputs.
  • Monitor for unexpected crashes or segmentation faults in tcpreplay-based jobs until the fixed version is deployed.
  • Validate updates in a non-production environment if tcpreplay is part of critical traffic analysis or replay tooling.
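The upgrade, inventory and crash-monitoring actions above, as an added shell example that is not part of this debrief or of the tcpreplay project. It assumes `tcprewrite -V` prints a version string; the job wrapper and exit-status classification rely only on the POSIX 128+N signal convention.

```sh
# Added example (not from the advisory or the tcpreplay project): flag builds
# older than the 4.1.2 fix for CVE-2016-6160, and classify tcprewrite exit
# statuses so crashes get logged until the fix is deployed. Assumes that
# `tcprewrite -V` prints its version string (an assumption, not verified here).

# Exit 0 if the version found in "$1" predates 4.1.2 (affected), 1 if it is
# 4.1.2 or newer, 2 if no x.y[.z] version string is present in the input.
tcpreplay_affected() {
    printf '%s\n' "$1" | awk '
        BEGIN { status = 2 }
        status == 2 && match($0, /[0-9]+\.[0-9]+(\.[0-9]+)?/) {
            split(substr($0, RSTART, RLENGTH), p, ".")
            maj = p[1] + 0; min = p[2] + 0; pat = p[3] + 0
            affected = (maj < 4) || (maj == 4 && min < 1) || (maj == 4 && min == 1 && pat < 2)
            status = affected ? 0 : 1
        }
        END { exit status }'
}

# Map a job exit status to an outcome label. POSIX shells report a process
# killed by signal N as 128+N, so a SIGSEGV (signal 11) crash appears as 139.
job_outcome() {
    if [ "$1" -eq 0 ]; then echo ok
    elif [ "$1" -eq 139 ]; then echo segfault
    elif [ "$1" -gt 128 ] && [ "$1" -lt 193 ]; then echo "killed-by-signal-$(( $1 - 128 ))"
    else echo "error-$1"
    fi
}

# Run tcprewrite, log the outcome to stderr, and return its own exit status so
# that a crash still fails the surrounding pipeline step.
run_tcprewrite() {
    tcprewrite "$@" && st=0 || st=$?
    printf '%s tcprewrite outcome=%s args=%s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
        "$(job_outcome "$st")" "$*" >&2
    return "$st"
}
# Report whether the tcprewrite on PATH is affected (exit 0 means affected).
check_installed_tcprewrite() {
    out=$(tcprewrite -V 2>&1) || true
    tcpreplay_affected "$out" && st=0 || st=$?
    case $st in
        0) echo "AFFECTED by CVE-2016-6160 (fixed in 4.1.2): $out" ;;
        1) echo "not affected: $out" ;;
        *) echo "could not determine tcprewrite version: $out" ;;
    esac
    return "$st"
}
```

Source the file and call `check_installed_tcprewrite` on each host in the inventory; replace direct `tcprewrite` calls in jobs with `run_tcprewrite` so a segfault is recorded as `outcome=segfault` in the job log.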

Evidence notes

The CVE was published on 2017-01-23. NVD later modified the record on 2026-05-13, which is metadata history rather than the issue date. The supplied official references include the CVE record, NVD detail page, an oss-security mailing list thread, a Debian bug report, and a GitHub issue reference. NVD lists vulnerable CPE coverage for broadcom:tcpreplay through version 4.1.1 and the CVSS vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Official resources

Publicly disclosed in the CVE/NVD record on 2017-01-23. The NVD entry was modified later on 2026-05-13; that later date reflects record maintenance, not initial disclosure.