Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
tcpdump.17078
tcpdump-CVE-2018-14465.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcpdump-CVE-2018-14465.patch of Package tcpdump.17078
From bea2686c296b79609060a104cc139810785b0739 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> Date: Sun, 8 Oct 2017 13:19:12 +0200 Subject: [PATCH] (for 4.9.3) CVE-2018-14465/RSVP: Add a missing bounds check In rsvp_obj_print(). This fixes a buffer over-read discovered by Bhargava Shastry. Add a test using the capture file supplied by the reporter(s). --- print-rsvp.c | 1 + tests/TESTLIST | 1 + tests/rsvp-rsvp_obj_print-oobr.out | 7 +++++++ tests/rsvp-rsvp_obj_print-oobr.pcap | Bin 0 -> 391 bytes 4 files changed, 9 insertions(+) create mode 100644 tests/rsvp-rsvp_obj_print-oobr.out create mode 100644 tests/rsvp-rsvp_obj_print-oobr.pcap diff --git a/print-rsvp.c b/print-rsvp.c index 256191692..438761ea3 100644 --- a/print-rsvp.c +++ b/print-rsvp.c @@ -1555,6 +1555,7 @@ rsvp_obj_print(netdissect_options *ndo, case RSVP_OBJ_CLASSTYPE_OLD: /* fall through */ switch(rsvp_obj_ctype) { case RSVP_CTYPE_1: + ND_TCHECK_32BITS(obj_tptr); ND_PRINT((ndo, "%s CT: %u", ident, EXTRACT_32BITS(obj_tptr) & 0x7));
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor