Fix CVE-2024-8250
This commit is contained in:
wk333
parent
27d7971f85
commit
38571c7030
56
CVE-2024-8250.patch
Normal file
56
CVE-2024-8250.patch
Normal file
@ -0,0 +1,56 @@
|
||||
From be0e7c955d7efa628baa97447127c3434b575765 Mon Sep 17 00:00:00 2001
|
||||
From: John Thacker <johnthacker@gmail.com>
|
||||
Date: Sun, 28 Jul 2024 13:06:50 +0000
|
||||
Subject: [PATCH] ntlmssp: Don't insert a key created on the stack into a hash
|
||||
table
|
||||
|
||||
Origin: https://gitlab.com/wireshark/wireshark/-/merge_requests/16640
|
||||
|
||||
We could change this table to an autoreset wmem_map as well.
|
||||
|
||||
Fix #19943
|
||||
|
||||
|
||||
(cherry picked from commit 66dcd56f1eae615697b6588ac4778a61a5576391)
|
||||
|
||||
Co-authored-by: John Thacker <johnthacker@gmail.com>
|
||||
---
|
||||
epan/dissectors/packet-ntlmssp.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/epan/dissectors/packet-ntlmssp.c b/epan/dissectors/packet-ntlmssp.c
|
||||
index a538c204e61..d279d74eb53 100644
|
||||
--- a/epan/dissectors/packet-ntlmssp.c
|
||||
+++ b/epan/dissectors/packet-ntlmssp.c
|
||||
@@ -2353,7 +2353,9 @@ decrypt_data_payload(tvbuff_t *tvb, int offset, guint32 encrypted_block_length,
|
||||
decrypted_payloads = g_slist_prepend(decrypted_payloads,
|
||||
packet_ntlmssp_info->decrypted_payload);
|
||||
if (key != NULL) {
|
||||
- g_hash_table_insert(hash_packet, key, packet_ntlmssp_info);
|
||||
+ uint8_t *perm_key = g_new(uint8_t, NTLMSSP_KEY_LEN);
|
||||
+ memcpy(perm_key, key, NTLMSSP_KEY_LEN);
|
||||
+ g_hash_table_insert(hash_packet, perm_key, packet_ntlmssp_info);
|
||||
}
|
||||
|
||||
/* Do the decryption of the payload */
|
||||
@@ -2803,7 +2805,7 @@ header_hash(gconstpointer pointer)
|
||||
static gboolean
|
||||
header_equal(gconstpointer pointer1, gconstpointer pointer2)
|
||||
{
|
||||
- if (!memcmp(pointer1, pointer2, 16)) {
|
||||
+ if (!memcmp(pointer1, pointer2, NTLMSSP_KEY_LEN)) {
|
||||
return TRUE;
|
||||
}
|
||||
else {
|
||||
@@ -2814,7 +2816,7 @@ header_equal(gconstpointer pointer1, gconstpointer pointer2)
|
||||
static void
|
||||
ntlmssp_init_protocol(void)
|
||||
{
|
||||
- hash_packet = g_hash_table_new(header_hash, header_equal);
|
||||
+ hash_packet = g_hash_table_new_full(header_hash, header_equal, g_free, NULL);
|
||||
}
|
||||
|
||||
static void
|
||||
--
|
||||
GitLab
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
Summary: Network traffic analyzer
|
||||
Name: wireshark
|
||||
Version: 3.6.14
|
||||
Release: 9
|
||||
Release: 10
|
||||
Epoch: 1
|
||||
License: GPL+
|
||||
Url: http://www.wireshark.org/
|
||||
@ -38,6 +38,7 @@ Patch19: CVE-2023-0666.patch
|
||||
Patch20: CVE-2024-4853.patch
|
||||
Patch21: CVE-2024-4854.patch
|
||||
Patch22: CVE-2024-4855.patch
|
||||
Patch23: CVE-2024-8250.patch
|
||||
|
||||
Requires: xdg-utils
|
||||
Requires: hicolor-icon-theme
|
||||
@ -212,6 +213,9 @@ exit 0
|
||||
%{_mandir}/man?/*
|
||||
|
||||
%changelog
|
||||
* Fri Aug 30 2024 wangkai <13474090681@163.com> - 1:3.6.14-10
|
||||
- Fix CVE-2024-8250
|
||||
|
||||
* Wed May 15 2024 yaoxin <yao_xin001@hoperun.com> - 1:3.6.14-9
|
||||
- Fix CVE-2024-4853,CVE-2024-4854 and CVE-2024-4855
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user