MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-10-22 15:03:59 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

wireshark: Fix CVE-2023-2906

Browse Source 
Upstream-Status: Backport from 44dc70cc5a

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit 919a207458)
Signed-off-by: Deepak Rathore <deeratho@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Hitendra Prajapati 2023-11-15 10:34:21 -08:00 committed by Armin Kuster
parent aa5e8edabb
commit 8d511904a5
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch Normal file
View File

@ -0,0 +1,38 @@
From 44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d Mon Sep 17 00:00:00 2001
From: Jaap Keuter <jaap.keuter@xs4all.nl>
Date: Thu, 27 Jul 2023 20:21:19 +0200
Subject: [PATCH] CP2179: Handle timetag info response without records
Fixes #19229
Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d]
CVE: CVE-2023-2906
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
epan/dissectors/packet-cp2179.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/epan/dissectors/packet-cp2179.c b/epan/dissectors/packet-cp2179.c
index 30f53f8..70fe033 100644
--- a/epan/dissectors/packet-cp2179.c
+++ b/epan/dissectors/packet-cp2179.c
@@ -721,11 +721,14 @@ dissect_response_frame(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, int
proto_tree_add_item(cp2179_proto_tree, hf_cp2179_timetag_numsets, tvb, offset, 1, ENC_LITTLE_ENDIAN);
num_records = tvb_get_guint8(tvb, offset) & 0x7F;
+ offset += 1;
+
+ if (num_records == 0 || numberofcharacters <= 1)
+ break;
+
recordsize = (numberofcharacters-1) / num_records;
num_values = (recordsize-6) / 2; /* Determine how many 16-bit analog values are present in each event record */
- offset += 1;
-
for (x = 0; x < num_records; x++)
{
cp2179_event_tree = proto_tree_add_subtree_format(cp2179_proto_tree, tvb, offset, recordsize, ett_cp2179_event, NULL, "Event Record # %d", x+1);
--
2.25.1

1
meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb
View File

@ -24,6 +24,7 @@ SRC_URI += " \
file://CVE-2023-0666.patch \
file://CVE-2023-0667.patch \
file://CVE-2023-0668.patch \
file://CVE-2023-2906.patch \
"
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"