wireshark: Fix CVE-2025-9817

Upstream-Status: Backport from 39daba5e24

Link: https://gitlab.com/wireshark/wireshark/-/issues/20642
      https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-9817
      https://ftp.lysator.liu.se/pub/opensuse/update/leap/15.6/sle/src/wireshark-4.2.13-150600.18.26.1.src.rpm

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Vijay Anusuri 2025-11-03 18:15:10 +05:30 committed by Khem Raj
parent 168a8204a0
commit c9510a21cc
No known key found for this signature in database
GPG Key ID: BB053355919D3314
2 changed files with 33 additions and 0 deletions


@ -0,0 +1,32 @@
From 39daba5e247ea495f88b0be82f0b7ebbdbf50fba Mon Sep 17 00:00:00 2001
From: John Thacker <johnthacker@gmail.com>
Date: Sat, 26 Jul 2025 07:10:28 -0400
Subject: [PATCH] ssh: Add a null check
Fix #20642
Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/39daba5e247ea495f88b0be82f0b7ebbdbf50fba]
CVE: CVE-2025-9817
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
epan/dissectors/packet-ssh.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/epan/dissectors/packet-ssh.c b/epan/dissectors/packet-ssh.c
index 4f2b0ff..9b3b904 100644
--- a/epan/dissectors/packet-ssh.c
+++ b/epan/dissectors/packet-ssh.c
@@ -2359,6 +2359,10 @@ ssh_kex_shared_secret(gint kex_type, ssh_bignum *pub, ssh_bignum *priv, ssh_bign
}
if(kex_type==SSH_KEX_DH_GEX){
+ if (modulo == NULL) {
+ ws_debug("Missing group modulo");
+ return NULL;
+ }
gcry_mpi_t b = NULL;
gcry_mpi_scan(&b, GCRYMPI_FMT_USG, pub->data, pub->length, NULL);
gcry_mpi_t d = NULL, e = NULL, m = NULL;
--
2.43.0
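Review bot: The new guard in the SSH_KEX_DH_GEX branch checks only `modulo`, while `pub->data` and `pub->length` are dereferenced two lines below it in the `gcry_mpi_scan(&b, GCRYMPI_FMT_USG, pub->data, pub->length, NULL);` call, and no null check on `pub` is visible in this context. Please confirm that the block closed just above `if(kex_type==SSH_KEX_DH_GEX){` already rejects a null `pub` and `priv`, and that the callers of ssh_kex_shared_secret treat the new `return NULL;` as a failed key derivation rather than passing the result on.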


@ -13,6 +13,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz
file://0002-flex-Remove-line-directives.patch \ file://0002-flex-Remove-line-directives.patch \
file://0004-lemon-Remove-line-directives.patch \ file://0004-lemon-Remove-line-directives.patch \
file://0001-UseLemon.cmake-do-not-use-lemon-data-from-the-host.patch \ file://0001-UseLemon.cmake-do-not-use-lemon-data-from-the-host.patch \
file://CVE-2025-9817.patch \
" "
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions" UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions"
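Review bot: The provenance of the added `file://CVE-2025-9817.patch \` entry at the end of SRC_URI is ambiguous, because the commit message cites both the upstream commit 39daba5e24 and the SUSE wireshark-4.2.13 source RPM. Please say in the commit message which of the two the patch file was taken from and that it applies cleanly to the recipe's ${PV}, and drop this entry when the recipe is upgraded to a release that already contains the fix.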