mirror of https://git.yoctoproject.org/meta-security, synced 2026-01-11 15:00:34 +00:00
* CVE-2024-45795 - Upstream-Status: Backport from 72456d359b && 96d5c81aed
* CVE-2024-45796 - Upstream-Status: Backport from 9203656496

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
34 lines
1003 B
Diff
From 9203656496c4081260817cce018a0d8fd57869b5 Mon Sep 17 00:00:00 2001
From: Philippe Antoine <pantoine@oisf.net>
Date: Mon, 15 Jul 2024 09:52:00 +0200
Subject: [PATCH] defrag: fix off by one

Ticket: 7067

This off by one could lead to an empty fragment being inserted
in the rb tree, which led to integer underflow.

Upstream-Status: Backport [https://github.com/OISF/suricata/commit/9203656496c4081260817cce018a0d8fd57869b5]
CVE: CVE-2024-45796
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
src/defrag.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/defrag.c b/src/defrag.c
index 71cf420..38704c9 100644
--- a/src/defrag.c
+++ b/src/defrag.c
@@ -808,7 +808,7 @@ DefragInsertFrag(ThreadVars *tv, DecodeThreadVars *dtv, DefragTracker *tracker,
}
}
- if (ltrim > data_len) {
+ if (ltrim >= data_len) {
/* Full packet has been trimmed due to the overlap policy. Overlap
* already set. */
goto done;
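Review bot: The boundary case fixed at `if (ltrim >= data_len)` has no regression test in this patch; the diffstat touches only src/defrag.c. The commit message says the equal case (ltrim == data_len) let an empty fragment into the rb tree and led to an integer underflow, so a defrag unit test in which a new fragment is trimmed to exactly zero bytes by the overlap policy would pin the fix down. The comment under the condition could also state that a fragment trimmed to exactly zero bytes must not be inserted, so that `>=` is not later changed back to `>`.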
--
2.25.1