summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--meta-networking/recipes-support/wireshark/files/CVE-2025-9817.patch32
-rw-r--r--meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb1
2 files changed, 33 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2025-9817.patch b/meta-networking/recipes-support/wireshark/files/CVE-2025-9817.patch
new file mode 100644
index 0000000000..034c51778e
--- /dev/null
+++ b/meta-networking/recipes-support/wireshark/files/CVE-2025-9817.patch
@@ -0,0 +1,32 @@
1From 39daba5e247ea495f88b0be82f0b7ebbdbf50fba Mon Sep 17 00:00:00 2001
2From: John Thacker <johnthacker@gmail.com>
3Date: Sat, 26 Jul 2025 07:10:28 -0400
4Subject: [PATCH] ssh: Add a null check
5
6Fix #20642
7
8Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/39daba5e247ea495f88b0be82f0b7ebbdbf50fba]
9CVE: CVE-2025-9817
10Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
11---
12 epan/dissectors/packet-ssh.c | 4 ++++
13 1 file changed, 4 insertions(+)
14
15diff --git a/epan/dissectors/packet-ssh.c b/epan/dissectors/packet-ssh.c
16index 4f2b0ff..9b3b904 100644
17--- a/epan/dissectors/packet-ssh.c
18+++ b/epan/dissectors/packet-ssh.c
19@@ -2359,6 +2359,10 @@ ssh_kex_shared_secret(gint kex_type, ssh_bignum *pub, ssh_bignum *priv, ssh_bign
20 }
21
22 if(kex_type==SSH_KEX_DH_GEX){
23+ if (modulo == NULL) {
24+ ws_debug("Missing group modulo");
25+ return NULL;
26+ }
27 gcry_mpi_t b = NULL;
28 gcry_mpi_scan(&b, GCRYMPI_FMT_USG, pub->data, pub->length, NULL);
29 gcry_mpi_t d = NULL, e = NULL, m = NULL;
30--
312.43.0
32
diff --git a/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb b/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb
index 6246a1d9fa..bd014055a9 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb
@@ -13,6 +13,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz
13 file://0002-flex-Remove-line-directives.patch \ 13 file://0002-flex-Remove-line-directives.patch \
14 file://0004-lemon-Remove-line-directives.patch \ 14 file://0004-lemon-Remove-line-directives.patch \
15 file://0001-UseLemon.cmake-do-not-use-lemon-data-from-the-host.patch \ 15 file://0001-UseLemon.cmake-do-not-use-lemon-data-from-the-host.patch \
16 file://CVE-2025-9817.patch \
16 " 17 "
17 18
18UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions" 19UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-11-06 11:32:21 +0000