wireshark: Fix CVE-2026-0960

Pick patch from [1] also mentioned in [2]

[1] https://gitlab.com/wireshark/wireshark/-/issues/20944
[2] https://security-tracker.debian.org/tracker/CVE-2026-0960

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Hitendra Prajapati
2026-03-11 09:28:42 +05:30
committed by Anuj Mittal
parent af2304fcb9
commit a88f173ed0
2 changed files with 44 additions and 0 deletions
@@ -0,0 +1,43 @@
From: John Thacker <johnthacker@gmail.com>
Date: Mon, 12 Jan 2026 15:28:22 +0000
Subject: QUIC: Update reassembly ID for a new MSP
When a QUIC frame has more than one MSP, the reassembly id for the
second MSP has to be used when adding or looking it up, instead of
the original reassembly id of the first MSP.
Fixes reassembly of the file in #20944 in most cases, outside of issues
with out of order UDP packets / QUIC packets.
(cherry picked from commit 562c3c070c6f58d01904d42338489b1a64ad7655)
Co-authored-by: John Thacker <johnthacker@gmail.com>
origin: https://gitlab.com/wireshark/wireshark/-/merge_requests/23175
CVE: CVE-2026-0960
Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/f31123dcdbac37272046b58b2f7941bc7fb42934]
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
epan/dissectors/packet-quic.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/epan/dissectors/packet-quic.c b/epan/dissectors/packet-quic.c
index cabc2c5..7614b7f 100644
--- a/epan/dissectors/packet-quic.c
+++ b/epan/dissectors/packet-quic.c
@@ -1781,9 +1781,10 @@ again:
deseg_seq, nxtseq+pinfo->desegment_len, stream->multisegment_pdus);
}
- /* add this segment as the first one for this new pdu */
+ /* add this segment as the first one for this new pdu
+ * Use the the new MSP's reassembly ID (its first frame). */
fragment_add(&quic_reassembly_table, tvb, deseg_offset,
- pinfo, reassembly_id, NULL,
+ pinfo, msp->first_frame, stream_info,
0, nxtseq - deseg_seq,
nxtseq < msp->nxtpdu);
}
--
2.50.1
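Review bot: The fragment_add() call in the embedded packet-quic.c change swaps two arguments, the id (reassembly_id to msp->first_frame) and the data pointer (NULL to stream_info), but the patch description and the new comment only explain the id. Since the description says the new MSP's id has to be used "when adding or looking it up", it would help to mention the data argument change there as well, and to confirm that the matching lookup for this MSP also passes stream_info; that call is not visible in this hunk. Minor: the added comment reads "Use the the new MSP's"; as this is a backport, keeping it identical to upstream is reasonable, but the doubled word is worth reporting upstream.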
@@ -18,6 +18,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/all-versions/wireshark-${PV}.tar.xz
file://CVE-2026-0959.patch \
file://CVE-2026-0962.patch \
file://CVE-2026-3201.patch \
file://CVE-2026-0960.patch \
"
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src/all-versions"
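Review bot: The new SRC_URI entry file://CVE-2026-0960.patch sits after CVE-2026-3201.patch, so the list is no longer in CVE-number order (0959, 0962, 3201, 0960). Appending is fine if the list follows the order in which patches were added, but since entries are applied in the order listed, please confirm the patch applies cleanly on top of the three before it, or move it ahead of CVE-2026-0962.patch if the list is meant to stay sorted.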