Details: https://nvd.nist.gov/vuln/detail/CVE-2026-3606
Pick the commit that is marked to solve the related Github issue[1]. Its commit message also references the CVE ID explicitly. [1]: https://github.com/Ettercap/ettercap/issues/1297 Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../ettercap/ettercap/CVE-2026-3606.patch | 48 +++++++++++++++++++ .../ettercap/ettercap_0.8.3.1.bb | 4 +- 2 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 meta-networking/recipes-support/ettercap/ettercap/CVE-2026-3606.patch diff --git a/meta-networking/recipes-support/ettercap/ettercap/CVE-2026-3606.patch b/meta-networking/recipes-support/ettercap/ettercap/CVE-2026-3606.patch new file mode 100644 index 0000000000..8affaffce5 --- /dev/null +++ b/meta-networking/recipes-support/ettercap/ettercap/CVE-2026-3606.patch @@ -0,0 +1,48 @@ +From 94c25ba50ed6e83b20527acdbc3f54edafef9c93 Mon Sep 17 00:00:00 2001 +From: Alexander Koeppe <[email protected]> +Date: Sun, 8 Mar 2026 17:57:39 +0100 +Subject: [PATCH] Fix heap-out-of-bounds read issue in etterfilter + (CVE-2026-3606) + +CVE: CVE-2026-3606 +Upstream-Status: Backport [https://github.com/Ettercap/ettercap/commit/41c312d4be6f6067968a275bf66b2abd2a0ba385] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + include/ec.h | 6 ++++++ + utils/etterfilter/ef_output.c | 4 ++-- + 2 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/include/ec.h b/include/ec.h +index 4e363b0a..66da146e 100644 +--- a/include/ec.h ++++ b/include/ec.h +@@ -81,6 +81,12 @@ + ON_ERROR(x, NULL, "virtual memory exhausted"); \ + } while(0) + ++#define SAFE_RECALLOC(x, s) do { \ ++ x = realloc(x, s); \ ++ ON_ERROR(x, NULL, "virtual memory exhausted"); \ ++ memset(x, 0, s); \ ++} while(0) ++ + #define SAFE_STRDUP(x, s) do{ \ + x = strdup(s); \ + ON_ERROR(x, NULL, "virtual memory exhausted"); \ +diff --git a/utils/etterfilter/ef_output.c b/utils/etterfilter/ef_output.c +index 2530e599..2f49177e 100644 +--- a/utils/etterfilter/ef_output.c ++++ b/utils/etterfilter/ef_output.c +@@ -150,10 +150,10 @@ static size_t create_data_segment(u_char** data, struct filter_header *fh, struc + static size_t add_data_segment(u_char **data, size_t base, u_char **string, size_t slen) + { + /* make room for the new string */ +- SAFE_REALLOC(*data, base + slen + 1); ++ SAFE_RECALLOC(*data, base + slen + 1); + + /* copy the string, NULL separated */ +- memcpy(*data + base, *string, slen + 1); ++ memcpy(*data + base, *string, slen); + + /* + * change the pointer to the new string location diff --git a/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb b/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb index 723d7c8f78..b7f550ef7b 100644 --- a/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb +++ b/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb @@ -21,7 +21,9 @@ DEPENDS += "ethtool \ RDEPENDS:${PN} += "bash ethtool libgcc" SRC_URI = "gitsm://github.com/Ettercap/ettercap;branch=master;protocol=https \ - file://0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch" + file://0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch \ + file://CVE-2026-3606.patch \ + " SRCREV = "7281fbddb7da7478beb1d21e3cb105fff3778b31"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#125071): https://lists.openembedded.org/g/openembedded-devel/message/125071 Mute This Topic: https://lists.openembedded.org/mt/118256855/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
