diff options
| author | Hitendra Prajapati <hprajapati@mvista.com> | 2023-11-15 10:34:21 -0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2023-12-04 09:47:03 -0500 |
| commit | 8d511904a5850439d44253af15a21cb3c0b2f6fa (patch) | |
| tree | cc50e3965790918ace0c6b0a68f9ba1a0b13a224 | |
| parent | aa5e8edabbc414d8ec1b2ad63c8743c7baf99626 (diff) | |
| download | meta-openembedded-8d511904a5850439d44253af15a21cb3c0b2f6fa.tar.gz | |
wireshark: Fix CVE-2023-2906
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit 919a2074586ff957362ae2dbd3438fa648bb9bee)
Signed-off-by: Deepak Rathore <deeratho@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch | 38 | ||||
| -rw-r--r-- | meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 1 |
2 files changed, 39 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch b/meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch new file mode 100644 index 000000000..fe2109728 --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch | |||
| @@ -0,0 +1,38 @@ | |||
| 1 | From 44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Jaap Keuter <jaap.keuter@xs4all.nl> | ||
| 3 | Date: Thu, 27 Jul 2023 20:21:19 +0200 | ||
| 4 | Subject: [PATCH] CP2179: Handle timetag info response without records | ||
| 5 | |||
| 6 | Fixes #19229 | ||
| 7 | |||
| 8 | Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d] | ||
| 9 | CVE: CVE-2023-2906 | ||
| 10 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
| 11 | --- | ||
| 12 | epan/dissectors/packet-cp2179.c | 7 +++++-- | ||
| 13 | 1 file changed, 5 insertions(+), 2 deletions(-) | ||
| 14 | |||
| 15 | diff --git a/epan/dissectors/packet-cp2179.c b/epan/dissectors/packet-cp2179.c | ||
| 16 | index 30f53f8..70fe033 100644 | ||
| 17 | --- a/epan/dissectors/packet-cp2179.c | ||
| 18 | +++ b/epan/dissectors/packet-cp2179.c | ||
| 19 | @@ -721,11 +721,14 @@ dissect_response_frame(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, int | ||
| 20 | proto_tree_add_item(cp2179_proto_tree, hf_cp2179_timetag_numsets, tvb, offset, 1, ENC_LITTLE_ENDIAN); | ||
| 21 | |||
| 22 | num_records = tvb_get_guint8(tvb, offset) & 0x7F; | ||
| 23 | + offset += 1; | ||
| 24 | + | ||
| 25 | + if (num_records == 0 || numberofcharacters <= 1) | ||
| 26 | + break; | ||
| 27 | + | ||
| 28 | recordsize = (numberofcharacters-1) / num_records; | ||
| 29 | num_values = (recordsize-6) / 2; /* Determine how many 16-bit analog values are present in each event record */ | ||
| 30 | |||
| 31 | - offset += 1; | ||
| 32 | - | ||
| 33 | for (x = 0; x < num_records; x++) | ||
| 34 | { | ||
| 35 | cp2179_event_tree = proto_tree_add_subtree_format(cp2179_proto_tree, tvb, offset, recordsize, ett_cp2179_event, NULL, "Event Record # %d", x+1); | ||
| 36 | -- | ||
| 37 | 2.25.1 | ||
| 38 | |||
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index 025559193..ba91914f2 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | |||
| @@ -24,6 +24,7 @@ SRC_URI += " \ | |||
| 24 | file://CVE-2023-0666.patch \ | 24 | file://CVE-2023-0666.patch \ |
| 25 | file://CVE-2023-0667.patch \ | 25 | file://CVE-2023-0667.patch \ |
| 26 | file://CVE-2023-0668.patch \ | 26 | file://CVE-2023-0668.patch \ |
| 27 | file://CVE-2023-2906.patch \ | ||
| 27 | " | 28 | " |
| 28 | 29 | ||
| 29 | UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" | 30 | UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" |