diff options
| author | Hitendra Prajapati <hprajapati@mvista.com> | 2026-05-05 17:54:31 +0530 |
|---|---|---|
| committer | Anuj Mittal <anuj.mittal@oss.qualcomm.com> | 2026-05-21 08:57:37 +0530 |
| commit | fb4ebd12001257d4ba0d88173c6bc5887e974f9b (patch) | |
| tree | f33949e7de528f05f653f2ca839e9e104bdde5a5 | |
| parent | ae7dfb12245c7f9b9a353499e2688015bd4e6413 (diff) | |
| download | meta-openembedded-fb4ebd12001257d4ba0d88173c6bc5887e974f9b.tar.gz | |
wireshark: fix for CVE-2025-13946
Pick patch from [1] also mentioned at NVD report in [2]
[1] https://gitlab.com/wireshark/wireshark/-/issues/20884
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-13946
[3] https://security-tracker.debian.org/tracker/CVE-2025-13946
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
| -rw-r--r-- | meta-networking/recipes-support/wireshark/files/CVE-2025-13946.patch | 51 | ||||
| -rw-r--r-- | meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb | 1 |
2 files changed, 52 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2025-13946.patch b/meta-networking/recipes-support/wireshark/files/CVE-2025-13946.patch new file mode 100644 index 0000000000..40f5d316ad --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2025-13946.patch | |||
| @@ -0,0 +1,51 @@ | |||
| 1 | From aba1fbe6266beb6bf9b887b6eab008e4f4841c9b Mon Sep 17 00:00:00 2001 | ||
| 2 | From: AndersBroman <a.broman58@gmail.com> | ||
| 3 | Date: Mon, 1 Dec 2025 08:41:55 +0100 | ||
| 4 | Subject: MEGACO: Handle tvb_get_uint8 returning -1 | ||
| 5 | |||
| 6 | When dissecting a media descriptor, handle tvb_get_uint8 returning | ||
| 7 | -1 when searching for a left or right bracket and not finding it | ||
| 8 | by setting the bracket offset to the end offset so that the loop | ||
| 9 | will exit. Leaving it at -1 can cause going backwards and at worst | ||
| 10 | infinite loops. | ||
| 11 | |||
| 12 | Fix #20884 | ||
| 13 | |||
| 14 | (cherry picked from commit aba1fbe6266beb6bf9b887b6eab008e4f4841c9b) | ||
| 15 | |||
| 16 | Co-authored-by: John Thacker <johnthacker@gmail.com> | ||
| 17 | origin: https://gitlab.com/wireshark/wireshark/-/merge_requests/22553 | ||
| 18 | |||
| 19 | |||
| 20 | CVE: CVE-2025-13946 | ||
| 21 | Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/aba1fbe6266beb6bf9b887b6eab008e4f4841c9b] | ||
| 22 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
| 23 | --- | ||
| 24 | epan/dissectors/packet-megaco.c | 11 +++++++++-- | ||
| 25 | 1 file changed, 9 insertions(+), 2 deletions(-) | ||
| 26 | |||
| 27 | diff --git a/epan/dissectors/packet-megaco.c b/epan/dissectors/packet-megaco.c | ||
| 28 | index 327b849..abf2078 100644 | ||
| 29 | --- a/epan/dissectors/packet-megaco.c | ||
| 30 | +++ b/epan/dissectors/packet-megaco.c | ||
| 31 | @@ -1775,8 +1775,15 @@ dissect_megaco_mediadescriptor(tvbuff_t *tvb, proto_tree *megaco_tree_command_li | ||
| 32 | mediaParm = find_megaco_mediaParm_names(tvb, tvb_current_offset, tokenlen); | ||
| 33 | |||
| 34 | tvb_LBRKT = tvb_find_guint8(tvb, tvb_next_offset , tvb_last_RBRKT, '{'); | ||
| 35 | - tvb_next_offset = tvb_find_guint8(tvb, tvb_current_offset+1 , tvb_last_RBRKT, '}'); | ||
| 36 | - tvb_RBRKT = tvb_next_offset; | ||
| 37 | + if (tvb_LBRKT == -1) { | ||
| 38 | + // Not found, use the end offset. | ||
| 39 | + tvb_LBRKT = tvb_last_RBRKT; | ||
| 40 | + } | ||
| 41 | + tvb_RBRKT = tvb_find_guint8(tvb, tvb_current_offset+1 , tvb_last_RBRKT, '}'); | ||
| 42 | + if (tvb_RBRKT == -1) { | ||
| 43 | + // Not found, use the end offset. | ||
| 44 | + tvb_RBRKT = tvb_last_RBRKT; | ||
| 45 | + } | ||
| 46 | |||
| 47 | switch ( mediaParm ){ | ||
| 48 | case MEGACO_LOCAL_TOKEN: | ||
| 49 | -- | ||
| 50 | 2.50.1 | ||
| 51 | |||
diff --git a/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb b/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb index 559dd75fe0..1185804282 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb | |||
| @@ -19,6 +19,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz | |||
| 19 | file://CVE-2026-0962.patch \ | 19 | file://CVE-2026-0962.patch \ |
| 20 | file://CVE-2026-3201.patch \ | 20 | file://CVE-2026-3201.patch \ |
| 21 | file://CVE-2026-0960.patch \ | 21 | file://CVE-2026-0960.patch \ |
| 22 | file://CVE-2025-13946.patch \ | ||
| 22 | " | 23 | " |
| 23 | 24 | ||
| 24 | UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions" | 25 | UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions" |
