projects / librecmc / librecmc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 30743ef) | patch
tcpdump: Fix CVE-2018-16301
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 12 Feb 2022 22:13:47 +0000 (23:13 +0100)
committerRISCi_ATOM <bob@bobcall.me>
Mon, 28 Mar 2022 17:07:26 +0000 (13:07 -0400)
commit3bbf980d81449e5f73b4caacbf1482ec14890497
tree5a1f39e2f004407ddd4ad07e76652a5b5c8fe514tree | snapshot
parent30743efdac24679b7a9b239dc42aec9d34e9029bcommit | diff
tcpdump: Fix CVE-2018-16301

This fixes the following security problem:
The command-line argument parser in tcpdump before 4.99.0 has a buffer
overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
attacker needs to create a 4GB file on the local filesystem and to
specify the file name as the value of the -F command-line argument of
tcpdump.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8f5875c4e221453932f217a82f8c3092cacba3e5)
(cherry picked from commit 59e7ae8d65ab9a9315608a69565f6a4247d3b1ac)
package/network/utils/tcpdump/Makefile diff | blob | history
package/network/utils/tcpdump/patches/102-CVE-2018-16301.patch [new file with mode: 0644] blob