Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
wicked.14293
0003-dhcp4-free-lease-on-response-without-messa...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0003-dhcp4-free-lease-on-response-without-message-type-CV.patch of Package wicked.14293
From 9d619f4c93c6499fb656bcbc950c7572b7d97568 Mon Sep 17 00:00:00 2001 References: CVE-2020-7216,bsc#1160905 Upstream: yes From: =?UTF-8?q?Rub=C3=A9n=20Torrero=20Marijnissen?= <rtorreromarijnissen@suse.com> Date: Wed, 22 Jan 2020 12:19:12 +0000 Subject: [PATCH 3/3] dhcp4: free lease on response without message type (CVE-2020-7216,bsc#1160905) --- src/dhcp4/protocol.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/dhcp4/protocol.c b/src/dhcp4/protocol.c index c8ae3d29..8eb1dc99 100644 --- a/src/dhcp4/protocol.c +++ b/src/dhcp4/protocol.c @@ -1909,6 +1909,12 @@ parse_more: } } + // We should have a msg_type by now + if (msg_type < 0) { + ni_debug_dhcp("unable to parse DHCP4 response: missing msg type"); + goto error; + } + if (options->underflow) { ni_debug_dhcp("unable to parse DHCP4 response: truncated packet"); goto error; -- 2.16.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor