[Buildroot] [PATCH] package/slirp: add upstream security fix for CVE-2020-29129 / CVE-2020-29130

Peter Korsgaard peter at korsgaard.com
Sat Nov 28 08:21:55 UTC 2020


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input'
 > routines, ensure that pkt_len is large enough to accommodate the
 > respective protocol headers, lest it should do an OOB access.
 > Add check to avoid it.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list