diff options
| author | Ashish Sharma <asharma@mvista.com> | 2023-05-10 00:00:04 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-05-16 06:18:21 -1000 |
| commit | f5051dae9f71a3faf0040e783f07e6fa256945a6 (patch) | |
| tree | 93af59239ae3b579296fcf6b93f658c2b33c5842 /documentation | |
| parent | 97ffdc15190b68cc07f1198e69f239c62f90c8fe (diff) | |
| download | poky-f5051dae9f71a3faf0040e783f07e6fa256945a6.tar.gz | |
connman: Fix CVE-2023-28488 DoS in client.c
Avoid overwriting the read packet length after the initial test. Thus
move all the length checks which depends on the total length first
and do not use the total lenght from the IP packet afterwards.
Fixes CVE-2023-28488
Reported by Polina Smirnova <moe.hwr@gmail.com>
(From OE-Core rev: 47a9ae5592392bd10740e4571b06c8c739705058)
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'documentation')
0 files changed, 0 insertions, 0 deletions
