Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP6
tcpdump.12848
tcpdump-CVE-2018-16452.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tcpdump-CVE-2018-16452.patch of Package tcpdump.12848
From 24182d959f661327525a20d9a94c98a8ec016778 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko <denis@ovsienko.info> Date: Fri, 7 Sep 2018 21:10:36 +0100 Subject: [PATCH] (for 4.9.3) CVE-2018-16452/SMB: prevent stack exhaustion Enforce a limit on how many times smb_fdata() can recurse. This fixes a stack exhaustion discovered by Include Security working under the Mozilla SOS program in 2018 by means of code audit. --- smbutil.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/smbutil.c b/smbutil.c index fc9b3cc6f..7b01f487d 100644 --- a/smbutil.c +++ b/smbutil.c @@ -807,7 +807,14 @@ smb_fdata(netdissect_options *ndo, while (buf < maxbuf) { const u_char *buf2; depth++; - buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr); + /* Not sure how this relates with the protocol specification, + * but in order to avoid stack exhaustion recurse at most that + * many levels. + */ + if (depth == 10) + ND_PRINT((ndo, "(too many nested levels, not recursing)")); + else + buf2 = smb_fdata(ndo, buf, fmt, maxbuf, unicodestr); depth--; if (buf2 == NULL) return(NULL);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor