[Buildroot] [PATCH] package/slirp: add upstream security fix for CVE-2020-29129 / CVE-2020-29130
Peter Korsgaard
peter at korsgaard.com
Sat Nov 28 08:21:55 UTC 2020
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input'
> routines, ensure that pkt_len is large enough to accommodate the
> respective protocol headers, lest it should do an OOB access.
> Add check to avoid it.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list