Diffstat (limited to 'gnu/packages/patches/tcpdump-CVE-2017-11542.patch')
-rw-r--r--gnu/packages/patches/tcpdump-CVE-2017-11542.patch37
1 files changed, 37 insertions, 0 deletions
diff --git a/gnu/packages/patches/tcpdump-CVE-2017-11542.patch b/gnu/packages/patches/tcpdump-CVE-2017-11542.patch
new file mode 100644
index 0000000000..24849d5187
--- /dev/null
+++ b/gnu/packages/patches/tcpdump-CVE-2017-11542.patch
@@ -0,0 +1,37 @@
+Fix CVE-2017-11542:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11542
+
+Patch copied from upstream source repository:
+
+https://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae
+
+From bed48062a64fca524156d7684af19f5b4a116fae Mon Sep 17 00:00:00 2001
+From: Guy Harris <guy@alum.mit.edu>
+Date: Tue, 7 Feb 2017 11:10:04 -0800
+Subject: [PATCH] CVE-2017-11542/PIMv1: Add a bounds check.
+
+This fixes a buffer over-read discovered by Kamil Frankowicz.
+
+Add a test using the capture file supplied by the reporter(s).
+---
+ print-pim.c | 1 +
+ tests/TESTLIST | 1 +
+ tests/hoobr_pimv1.out | 25 +++++++++++++++++++++++++
+ tests/hoobr_pimv1.pcap | Bin 0 -> 3321 bytes
+ 4 files changed, 27 insertions(+)
+ create mode 100644 tests/hoobr_pimv1.out
+ create mode 100644 tests/hoobr_pimv1.pcap
+
+diff --git a/print-pim.c b/print-pim.c
+index 25525953..ed880ae7 100644
+--- a/print-pim.c
++++ b/print-pim.c
+@@ -306,6 +306,7 @@ pimv1_print(netdissect_options *ndo,
+ pimv1_join_prune_print(ndo, &bp[8], len - 8);
+ break;
+ }
++ ND_TCHECK(bp[4]);
+ if ((bp[4] >> 4) != 1)
+ ND_PRINT((ndo, " [v%d]", bp[4] >> 4));
+ return;
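Review bot: The header of the added patch still carries upstream's four-file diffstat (including `tests/hoobr_pimv1.pcap`) and the sentence "Add a test using the capture file supplied by the reporter(s)", yet only the one-line `print-pim.c` hunk is included, so the over-read regression test is not part of this build. I would state that in the patch header, for example `The test files from the upstream commit are omitted; only the print-pim.c change is applied.`, so a later reader does not take the patch for truncated. The fix itself, `ND_TCHECK(bp[4]);` ahead of the `bp[4] >> 4` version read, presumably relies on a truncation label elsewhere in `pimv1_print`, which starts and ends outside the hunk. The diffstat here is limited to this one path, so whether the tcpdump package definition actually references the new patch file cannot be confirmed from this view.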