summaryrefslogtreecommitdiffstats
path: root/meta-networking
diff options
context:
space:
mode:
authorHitendra Prajapati <hprajapati@mvista.com>2025-12-09 18:00:05 +0530
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2025-12-11 08:02:02 +0530
commit5775e1a6435debe337e156fa74e5af8e45368ca0 (patch)
treecfa07571621ee09ec57e154ab710d4970c7f1dad /meta-networking
parentd9e1f6f274c8a7b1597b0068969ac9cc0da3881d (diff)
downloadmeta-openembedded-5775e1a6435debe337e156fa74e5af8e45368ca0.tar.gz
wireshark: fix CVE-2025-13499
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/e180152d3dae668249f78c72a55a4ba436b57af7 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-networking')
-rw-r--r--meta-networking/recipes-support/wireshark/files/CVE-2025-13499.patch45
-rw-r--r--meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb1
2 files changed, 46 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2025-13499.patch b/meta-networking/recipes-support/wireshark/files/CVE-2025-13499.patch
new file mode 100644
index 0000000000..b713cea8c4
--- /dev/null
+++ b/meta-networking/recipes-support/wireshark/files/CVE-2025-13499.patch
@@ -0,0 +1,45 @@
1From e180152d3dae668249f78c72a55a4ba436b57af7 Mon Sep 17 00:00:00 2001
2From: Darius Davis <darius-wireshark@free-range.com.au>
3Date: Sat, 25 Oct 2025 15:01:34 +1000
4Subject: [PATCH] Kafka: Fix decompress_snappy with no xerial chunks.
5
6Instead of returning true without setting outputs, report a failure to
7decompress and return false to the caller.
8
9Fix #20823
10
11(cherry picked from commit 49137f8ce93c9f7ac55b69c8e089ba6a422f633e)
12
13CVE-2025-13499
14Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/e180152d3dae668249f78c72a55a4ba436b57af7]
15Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
16---
17 epan/dissectors/packet-kafka.c | 4 ++--
18 1 file changed, 2 insertions(+), 2 deletions(-)
19
20diff --git a/epan/dissectors/packet-kafka.c b/epan/dissectors/packet-kafka.c
21index 482a670..e537013 100644
22--- a/epan/dissectors/packet-kafka.c
23+++ b/epan/dissectors/packet-kafka.c
24@@ -1788,6 +1788,7 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 length,
25 count++;
26 DISSECTOR_ASSERT_HINT(count < MAX_LOOP_ITERATIONS, "MAX_LOOP_ITERATIONS exceeded");
27 }
28+ ret = composite_tvb != NULL;
29
30 } else {
31
32@@ -1810,9 +1811,8 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 length,
33
34 *decompressed_tvb = tvb_new_child_real_data(tvb, decompressed_buffer, (guint)out_size, (gint)out_size);
35 *decompressed_offset = 0;
36-
37+ ret = TRUE;
38 }
39- ret = TRUE;
40 end:
41 if (composite_tvb) {
42 tvb_composite_finalize(composite_tvb);
43--
442.50.1
45
diff --git a/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb b/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb
index 63610642ac..c313075ea4 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_4.2.14.bb
@@ -14,6 +14,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz
14 file://0004-lemon-Remove-line-directives.patch \ 14 file://0004-lemon-Remove-line-directives.patch \
15 file://0001-UseLemon.cmake-do-not-use-lemon-data-from-the-host.patch \ 15 file://0001-UseLemon.cmake-do-not-use-lemon-data-from-the-host.patch \
16 file://CVE-2025-9817.patch \ 16 file://CVE-2025-9817.patch \
17 file://CVE-2025-13499.patch \
17 " 18 "
18 19
19UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions" 20UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions"