packages/wireshark
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2020-25862 CVE-2020-25863

Browse Source
This commit is contained in:
wangxiao65 2020-10-21 14:22:49 +08:00
parent 6daa668982
commit 10cb32e171
3 changed files with 80 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
CVE-2020-25862.patch Normal file
View File

@ -0,0 +1,31 @@
From 7f3fe6164a68b76d9988c4253b24d43f498f1753 Mon Sep 17 00:00:00 2001
From: Pascal Quantin <pascal@wireshark.org>
Date: Tue, 1 Sep 2020 17:22:14 +0200
Subject: [PATCH] TCP: do not use an unknown status when the checksum is 0xffff
Otherwise it triggers an assert when adding the column as the field is
defined as BASE_NONE and not BASE_DEC or BASE_HEX. Thus an unknown value
(not in proto_checksum_vals[)array) cannot be represented.
Mark the checksum as bad even if we process the packet.
Closes #16816
---
epan/dissectors/packet-tcp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/epan/dissectors/packet-tcp.c b/epan/dissectors/packet-tcp.c
index db8ef31639..fc83f665d1 100644
--- a/epan/dissectors/packet-tcp.c
+++ b/epan/dissectors/packet-tcp.c
@@ -6230,7 +6230,7 @@ dissect_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_)
PROTO_ITEM_SET_GENERATED(item);
/* XXX - What should this special status be? */
item = proto_tree_add_uint(checksum_tree, hf_tcp_checksum_status, tvb,
- offset + 16, 0, 4);
+ offset + 16, 0, PROTO_CHECKSUM_E_BAD);
PROTO_ITEM_SET_GENERATED(item);
expert_add_info(pinfo, item, &ei_tcp_checksum_ffff);
--
GitLab

39
CVE-2020-25863.patch Normal file
View File

@ -0,0 +1,39 @@
From 5803c7b87b3414cdb8bf502af50bb406ca774482 Mon Sep 17 00:00:00 2001
From: George Hopkins <george-hopkins@null.net>
Date: Wed, 2 Sep 2020 10:05:25 +0000
Subject: [PATCH] multipart: fix deallocation of invalid parts
Fixes #16741
(cherry picked from commit 2411eae9edb562e80c45962c74945238a94e5d3b)
---
epan/dissectors/packet-multipart.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/epan/dissectors/packet-multipart.c b/epan/dissectors/packet-multipart.c
index 0e8d9103f1..b972969940 100644
--- a/epan/dissectors/packet-multipart.c
+++ b/epan/dissectors/packet-multipart.c
@@ -340,14 +340,13 @@ get_multipart_info(packet_info *pinfo, http_message_info_t *message_info)
parameters = unfold_and_compact_mime_header(message_info->media_str, &dummy);
start_boundary = ws_find_media_type_parameter(wmem_packet_scope(), parameters, "boundary");
-
- if(!start_boundary) {
+ if (!start_boundary) {
return NULL;
}
- if(strncmp(type, "multipart/encrypted", sizeof("multipart/encrypted")-1) == 0) {
+
+ if (strncmp(type, "multipart/encrypted", sizeof("multipart/encrypted") - 1) == 0) {
start_protocol = ws_find_media_type_parameter(wmem_packet_scope(), parameters, "protocol");
- if(!start_protocol) {
- g_free(start_boundary);
+ if (!start_protocol) {
return NULL;
}
}
--
GitLab

12
wireshark.spec
View File

@ -1,6 +1,6 @@
Name: wireshark
Version: 2.6.2
Release: 11
Release: 12
Epoch: 1
Summary: Network traffic analyzer
License: GPL+
@ -41,6 +41,8 @@ Patch6026: fix-hash-table-key-memory-corruption.patch
Patch6027: CVE-2020-13164.patch
Patch6028: CVE-2020-15466.patch
Patch6029: CVE-2018-16056.patch
Patch6030: CVE-2020-25862.patch
Patch6031: CVE-2020-25863.patch
Requires(pre): shadow-utils
Requires(post): systemd-udev
@ -147,6 +149,12 @@ getent group usbmon >/dev/null || groupadd -r usbmon
%{_mandir}/man?/*
%changelog
* Wed Oct 21 2020 wangxiao <wangxiao65@huawei.com> - 2.6.2-12
- Type:cves
- ID: CVE-2020-25862 CVE-2020-25863
- SUG:NA
- DESC: fix CVE-2020-25862 CVE-2020-25863
* Wed Sep 15 2020 wangxiao <wangxiao65@huawei.com> - 2.6.2-11
- Type:cves
- ID: CVE-2018-16056
@ -168,7 +176,7 @@ getent group usbmon >/dev/null || groupadd -r usbmon
- SUG:restart
- DESC: fix CVE-2020-13164
* Wed May 13 2020 huanghaitao <huanghaitao8@huawei.com> - 2.6.2-7
* Fri May 15 2020 huanghaitao <huanghaitao8@huawei.com> - 2.6.2-7
- Type:cves
- ID: CVE-2020-11647
- SUG:restart