new file mode 100644
@@ -0,0 +1,36 @@
+From 3164a75f2660a5c3537feff9fd8751346cf5ca57 Mon Sep 17 00:00:00 2001
+From: Gabriel Ganne <gabriel.ganne@gmail.com>
+Date: Sun, 21 Jan 2024 09:16:38 +0100
+Subject: [PATCH] add check for empty cidr
+
+This causes tcprewrite to exit with an error instead of crashing.
+
+Fixes: #824
+
+Upstream-Status: Backport [https://github.com/appneta/tcpreplay/commit/a0b6d847f468217b8fd675f788e6eca74a21a90c]
+
+CVE: CVE-2023-43279
+
+Signed-off-by: Gabriel Ganne <gabriel.ganne@gmail.com>
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ src/common/cidr.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/common/cidr.c b/src/common/cidr.c
+index 687fd04..9afbfec 100644
+--- a/src/common/cidr.c
++++ b/src/common/cidr.c
+@@ -249,6 +249,10 @@ parse_cidr(tcpr_cidr_t **cidrdata, char *cidrin, char *delim)
+ char *network;
+ char *token = NULL;
+
++ if (cidrin == NULL) {
++ errx(-1, "%s", "Unable to parse empty CIDR");
++ }
++
+ mask_cidr6(&cidrin, delim);
+
+ /* first iteration of input using strtok */
+--
+2.25.1
@@ -11,6 +11,7 @@ SRC_URI = "https://github.com/appneta/tcpreplay/releases/download/v${PV}/tcprepl
file://CVE-2023-4256.patch \
file://CVE-2024-22654-0001.patch \
file://CVE-2024-22654-0002.patch \
+ file://CVE-2023-43279.patch \
"
SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf"