Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
tcpdump.17078
tcpdump-CVE-2018-14880.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcpdump-CVE-2018-14880.patch of Package tcpdump.17078
From e01c9bf76740802025c9328901b55ee4a0c49ed6 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> Date: Sat, 4 Nov 2017 16:06:33 +0100 Subject: [PATCH] (for 4.9.3) CVE-2018-14880/OSPFv3: Fix a bounds check Need to test bounds check for the last field of the structure lsa6_hdr. No need to test other fields. Include Security working under the Mozilla SOS program had independently identified this vulnerability in 2018 by means of code audit. Wang Junjie of 360 ESG Codesafe Team had independently identified this vulnerability in 2018 by means of fuzzing and provided the packet capture file for the test. --- print-ospf6.c | 3 +- tests/TESTLIST | 3 ++ tests/ospf6_print_lshdr-oobr.out | 59 ++++++++++++++++++++++++++++ tests/ospf6_print_lshdr-oobr.pcapng | Bin 0 -> 5492 bytes 4 files changed, 63 insertions(+), 2 deletions(-) create mode 100644 tests/ospf6_print_lshdr-oobr.out create mode 100644 tests/ospf6_print_lshdr-oobr.pcapng diff --git a/print-ospf6.c b/print-ospf6.c index a5ac30517..66ab2f75f 100644 --- a/print-ospf6.c +++ b/print-ospf6.c @@ -389,8 +389,7 @@ ospf6_print_lshdr(netdissect_options *ndo, { if ((const u_char *)(lshp + 1) > dataend) goto trunc; - ND_TCHECK(lshp->ls_type); - ND_TCHECK(lshp->ls_seq); + ND_TCHECK(lshp->ls_length); /* last field of struct lsa6_hdr */ ND_PRINT((ndo, "\n\t Advertising Router %s, seq 0x%08x, age %us, length %u", ipaddr_string(ndo, &lshp->ls_router),
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor