aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/libnl-tiny
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2022-02-12 23:13:47 +0100
committerPetr Štetiar <ynezz@true.cz>2022-02-13 08:55:02 +0100
commite92a4e5458ff35083ea7263c68316b47243a1222 (patch)
tree73c7ece30e58cc4d85739e6a2f33aa71b33f4c88 /package/libs/libnl-tiny
parent606106fb295e2770af4df7c04fc9fcc95428a0f4 (diff)
downloadupstream-e92a4e5458ff35083ea7263c68316b47243a1222.tar.gz
upstream-e92a4e5458ff35083ea7263c68316b47243a1222.tar.bz2
upstream-e92a4e5458ff35083ea7263c68316b47243a1222.zip
tcpdump: Fix CVE-2018-16301
This fixes the following security problem: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 8f5875c4e221453932f217a82f8c3092cacba3e5) (cherry picked from commit 59e7ae8d65ab9a9315608a69565f6a4247d3b1ac)
Diffstat (limited to 'package/libs/libnl-tiny')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 14:34:01 +0000