Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
tcpdump.17077
tcpdump-CVE-2018-14462.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcpdump-CVE-2018-14462.patch of Package tcpdump.17077
From 1a1bce0526a77b62e41531b00f8bb5e21fd4f3a3 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> Date: Sun, 8 Oct 2017 12:06:56 +0200 Subject: [PATCH] (for 4.9.3) CVE-2018-14462/ICMP: Add a missing bounds check In icmp_print(). This fixes a buffer over-read discovered by Bhargava Shastry. Add two tests using the capture files supplied by the reporter(s). --- print-icmp.c | 1 + tests/TESTLIST | 2 ++ tests/icmp-icmp_print-oobr-1.out | 7 +++++++ tests/icmp-icmp_print-oobr-1.pcap | Bin 0 -> 1208 bytes tests/icmp-icmp_print-oobr-2.out | 5 +++++ tests/icmp-icmp_print-oobr-2.pcap | Bin 0 -> 2514 bytes 6 files changed, 15 insertions(+) create mode 100644 tests/icmp-icmp_print-oobr-1.out create mode 100644 tests/icmp-icmp_print-oobr-1.pcap create mode 100644 tests/icmp-icmp_print-oobr-2.out create mode 100644 tests/icmp-icmp_print-oobr-2.pcap Index: tcpdump-4.9.2/print-icmp.c =================================================================== --- tcpdump-4.9.2.orig/print-icmp.c +++ tcpdump-4.9.2/print-icmp.c @@ -564,6 +564,7 @@ icmp_print(netdissect_options *ndo, cons vec[0].len = plen; sum = in_cksum(vec, 1); if (sum != 0) { + ND_TCHECK_16BITS(&dp->icmp_cksum); icmp_sum = EXTRACT_16BITS(&dp->icmp_cksum); ND_PRINT((ndo, " (wrong icmp cksum %x (->%x)!)", icmp_sum,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor