libpcap: patch CVE-2025-11964

Pick patch per [1]. [1] https://nvd.nist.gov/vuln/detail/CVE-2025-11964 (From OE-Core rev: 64c2af571190f7c2b3bb5c53517f0cbcb5dddd6e) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Peter Marko <peter.marko@siemens.com> 2026-01-02 14:32:34 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2026-01-26 09:45:39 +0000
commit: bfe84d74fe04e261854525b6a2f53fdc3c9ac93c (patch)
tree: d40e8a65c7db6eab2a45a605c6b6a287ec586c05 /meta
parent: 5941c9425f12e55bed48844f5e67ec8d2d55a2ae (diff)
download: poky-bfe84d74fe04e261854525b6a2f53fdc3c9ac93c.tar.gz
2 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
new file mode 100644
index 0000000000..003d21fb1f
--- /dev/null
+++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
@@ -0,0 +1,33 @@
+From 7fabf607f2319a36a0bd78444247180acb838e69 Mon Sep 17 00:00:00 2001
+From: Guy Harris <gharris@sonic.net>
+Date: Sun, 7 Sep 2025 12:51:56 -0700
+Subject: [PATCH] Fix a copy-and-pasteo in utf_16le_to_utf_8_truncated().
+For the four octets of UTF-8 case, it was decrementing the remaining
+buffer length by 3, not 4.
+Thanks to a team of developers from the Univesity of Waterloo for
+reporting this.
+(cherry picked from commit aebfca1aea2fc8c177760a26e8f4de27b51d1b3b)
+CVE: CVE-2025-11964
+Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/7fabf607f2319a36a0bd78444247180acb838e69]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ fmtutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/fmtutils.c b/fmtutils.c
+index a5a4fe62..78a0f8b7 100644
+--- a/fmtutils.c
+++ b/fmtutils.c
+@@ -235,7 +235,7 @@ utf_16le_to_utf_8_truncated(const wchar_t *utf_16, char *utf_8,
+                        *utf_8++ = ((uc >> 12) & 0x3F) | 0x80;
+                        *utf_8++ = ((uc >> 6) & 0x3F) | 0x80;
+                        *utf_8++ = ((uc >> 0) & 0x3F) | 0x80;
+-                       utf_8_len -= 3;
+                       utf_8_len -= 4;
+                }
+        }
+ 
diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
index df091e5ca2..ee7d7540f6 100644
--- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
+++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
@@ -16,6 +16,7 @@ SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \
           file://CVE-2024-8006.patch \
           file://CVE-2025-11961-01.patch \
           file://CVE-2025-11961-02.patch \
+           file://CVE-2025-11964.patch \
          "
 SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"
author	Peter Marko <peter.marko@siemens.com>	2026-01-02 14:32:34 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2026-01-26 09:45:39 +0000
commit	bfe84d74fe04e261854525b6a2f53fdc3c9ac93c (patch)
tree	d40e8a65c7db6eab2a45a605c6b6a287ec586c05 /meta
parent	5941c9425f12e55bed48844f5e67ec8d2d55a2ae (diff)
download	poky-bfe84d74fe04e261854525b6a2f53fdc3c9ac93c.tar.gz

diff --git a/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch new file mode 100644 index 0000000000..003d21fb1f --- /dev/null +++ b/meta/recipes-connectivity/libpcap/libpcap/CVE-2025-11964.patch
@@ -0,0 +1,33 @@
		1	From 7fabf607f2319a36a0bd78444247180acb838e69 Mon Sep 17 00:00:00 2001
		2	From: Guy Harris <gharris@sonic.net>
		3	Date: Sun, 7 Sep 2025 12:51:56 -0700
		4	Subject: [PATCH] Fix a copy-and-pasteo in utf_16le_to_utf_8_truncated().
		5
		6	For the four octets of UTF-8 case, it was decrementing the remaining
		7	buffer length by 3, not 4.
		8
		9	Thanks to a team of developers from the Univesity of Waterloo for
		10	reporting this.
		11
		12	(cherry picked from commit aebfca1aea2fc8c177760a26e8f4de27b51d1b3b)
		13
		14	CVE: CVE-2025-11964
		15	Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/7fabf607f2319a36a0bd78444247180acb838e69]
		16	Signed-off-by: Peter Marko <peter.marko@siemens.com>
		17	---
		18	fmtutils.c \| 2 +-
		19	1 file changed, 1 insertion(+), 1 deletion(-)
		20
		21	diff --git a/fmtutils.c b/fmtutils.c
		22	index a5a4fe62..78a0f8b7 100644
		23	--- a/fmtutils.c
		24	+++ b/fmtutils.c
		25	@@ -235,7 +235,7 @@ utf_16le_to_utf_8_truncated(const wchar_t utf_16, char utf_8,
		26	*utf_8++ = ((uc >> 12) & 0x3F) \| 0x80;
		27	*utf_8++ = ((uc >> 6) & 0x3F) \| 0x80;
		28	*utf_8++ = ((uc >> 0) & 0x3F) \| 0x80;
		29	- utf_8_len -= 3;
		30	+ utf_8_len -= 4;
		31	}
		32	}
		33


diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb index df091e5ca2..ee7d7540f6 100644 --- a/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb +++ b/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb
@@ -16,6 +16,7 @@ SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \
16	file://CVE-2024-8006.patch \	16	file://CVE-2024-8006.patch \
17	file://CVE-2025-11961-01.patch \	17	file://CVE-2025-11961-01.patch \
18	file://CVE-2025-11961-02.patch \	18	file://CVE-2025-11961-02.patch \
		19	file://CVE-2025-11964.patch \
19	"	20	"
20		21
21	SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"	22	SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"