Change #253624
| Category | libpcap |
| Changed by | Denis Ovsienko <denis@ovsienko.info> |
| Changed at | Tue 30 Dec 2025 23:07:43 |
| Repository | https://git.tcpdump.org/libpcap |
| Project | libpcap |
| Branch | master |
| Revision | dd08e53e9380e217ae7c7768da9cc3d7bf37bf83 |
Comments
CVE-2025-11961: Fix OOBR and OOBW in pcap_ether_aton(). pcap_ether_aton() has for a long time required its string argument to be a well-formed MAC-48 address, which is always the case when the argument comes from other libpcap code, so the function has never validated the input and used a simple loop to parse any of the three common MAC-48 address formats. However, the function has also been a part of the public API, so calling it directly with a malformed address can cause the loop to read beyond the end of the input string and/or to write beyond the end of the allocated output buffer. To handle invalid input more appropriately, replace the simple loop with new functions and require the input to match a supported address format. This problem was reported by Jin Wei, Kunwei Qian and Ping Chen.
Changed files
- CHANGES
- gencode.c
- nametoaddr.c
- nametoaddr.h
- testprogs/TESTrun
- testprogs/translatetest.c