aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic/hack-5.10/640-bridge-only-accept-EAP-locally.patch
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2022-02-12 23:13:47 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2022-02-12 23:22:05 +0100
commit8f5875c4e221453932f217a82f8c3092cacba3e5 (patch)
treec99555470aaac87b499a2e2c8d54735cc8fe74cb /target/linux/generic/hack-5.10/640-bridge-only-accept-EAP-locally.patch
parent2fd208e2724e330ee9f42acb1c76be8942f968b2 (diff)
downloadupstream-8f5875c4e221453932f217a82f8c3092cacba3e5.tar.gz
upstream-8f5875c4e221453932f217a82f8c3092cacba3e5.tar.bz2
upstream-8f5875c4e221453932f217a82f8c3092cacba3e5.zip
tcpdump: Fix CVE-2018-16301
This fixes the following security problem: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target/linux/generic/hack-5.10/640-bridge-only-accept-EAP-locally.patch')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 15:08:11 +0000