mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

tcpreplay: fix CVE-2023-43279

Browse Source 
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay
4.4.4 allows attackers to crash the application via crafted tcprewrite
command.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-43279

Upstream patches:
https://github.com/appneta/tcpreplay/pull/860/commits/963842ceca79e97ac3242448a0de94fb901d3560

Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Jiaying Song
2024-11-06 16:52:32 +08:00
committed by Armin Kuster
parent adbc54688b
commit ea99328a06
2 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2023-43279.patch
+39
View File
@@ -0,0 +1,39 @@
From 3164a75f2660a5c3537feff9fd8751346cf5ca57 Mon Sep 17 00:00:00 2001
From: Gabriel Ganne <gabriel.ganne@gmail.com>
Date: Sun, 21 Jan 2024 09:16:38 +0100
Subject: [PATCH] add check for empty cidr
This causes tcprewrite to exit with an error instead of crashing.
Fixes: #824
Upstream-Status: Backport
CVE: CVE-2023-43279
Reference to upstream patch:
https://github.com/appneta/tcpreplay/pull/860/commits/963842ceca79e97ac3242448a0de94fb901d3560
Signed-off-by: Gabriel Ganne <gabriel.ganne@gmail.com>
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
---
src/common/cidr.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/common/cidr.c b/src/common/cidr.c
index 687fd04..9afbfec 100644
--- a/src/common/cidr.c
+++ b/src/common/cidr.c
@@ -249,6 +249,10 @@ parse_cidr(tcpr_cidr_t **cidrdata, char *cidrin, char *delim)
char *network;
char *token = NULL;
+ if (cidrin == NULL) {
+ errx(-1, "%s", "Unable to parse empty CIDR");
+ }
+
mask_cidr6(&cidrin, delim);
/* first iteration of input using strtok */
--
2.25.1
meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb
+1
View File
@@ -12,6 +12,7 @@ SRC_URI = "https://github.com/appneta/${BPN}/releases/download/v${PV}/${BP}.tar.
file://0001-configure.ac-unify-search-dirs-for-pcap-and-add-lib3.patch \
file://0001-configure.ac-do-not-run-conftest-in-case-of-cross-co.patch \
file://CVE-2023-4256.patch \
file://CVE-2023-43279.patch \
"
SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf"