summaryrefslogtreecommitdiffstats
path: root/documentation
diff options
context:
space:
mode:
authorAshish Sharma <asharma@mvista.com>2023-05-10 00:00:04 +0530
committerSteve Sakoman <steve@sakoman.com>2023-05-16 06:18:21 -1000
commitf5051dae9f71a3faf0040e783f07e6fa256945a6 (patch)
tree93af59239ae3b579296fcf6b93f658c2b33c5842 /documentation
parent97ffdc15190b68cc07f1198e69f239c62f90c8fe (diff)
downloadpoky-f5051dae9f71a3faf0040e783f07e6fa256945a6.tar.gz
connman: Fix CVE-2023-28488 DoS in client.c
Avoid overwriting the read packet length after the initial test. Thus move all the length checks which depends on the total length first and do not use the total lenght from the IP packet afterwards. Fixes CVE-2023-28488 Reported by Polina Smirnova <moe.hwr@gmail.com> (From OE-Core rev: 47a9ae5592392bd10740e4571b06c8c739705058) Signed-off-by: Ashish Sharma <asharma@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'documentation')
0 files changed, 0 insertions, 0 deletions