Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Staging:F
tcpdump
tcpdump-CVE-2018-14881.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcpdump-CVE-2018-14881.patch of Package tcpdump
From 86326e880d31b328a151d45348c35220baa9a1ff Mon Sep 17 00:00:00 2001 From: Francois-Xavier Le Bail <devel.fx.lebail@orange.fr> Date: Sun, 8 Oct 2017 13:38:50 +0200 Subject: [PATCH] (for 4.9.3) CVE-2018-14881/BGP: Fix BGP_CAPCODE_RESTART. Add a bounds check and a comment to bgp_capabilities_print(). This fixes a buffer over-read discovered by Bhargava Shastry, SecT/TU Berlin. Add a test using the capture file supplied by the reporter(s). --- print-bgp.c | 2 ++ tests/TESTLIST | 1 + tests/bgp-bgp_capabilities_print-oobr-1.out | 27 +++++++++++++++++++ tests/bgp-bgp_capabilities_print-oobr-1.pcap | Bin 0 -> 274 bytes 4 files changed, 30 insertions(+) create mode 100644 tests/bgp-bgp_capabilities_print-oobr-1.out create mode 100644 tests/bgp-bgp_capabilities_print-oobr-1.pcap diff --git a/print-bgp.c b/print-bgp.c index c82f1cc7d..1438915a4 100644 --- a/print-bgp.c +++ b/print-bgp.c @@ -2351,6 +2351,8 @@ bgp_capabilities_print(netdissect_options *ndo, opt[i+5])); break; case BGP_CAPCODE_RESTART: + /* Restart Flags (4 bits), Restart Time in seconds (12 bits) */ + ND_TCHECK_16BITS(opt + i + 2); ND_PRINT((ndo, "\n\t\tRestart Flags: [%s], Restart Time %us", ((opt[i+2])&0x80) ? "R" : "none", EXTRACT_16BITS(opt+i+2)&0xfff));
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor