From nobody Tue Sep 3 11:44:26 2024 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WykLb3Lv4z5Ms4n for ; Tue, 03 Sep 2024 11:44:39 +0000 (UTC) (envelope-from crispy.james.watt@gmail.com) Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WykLZ4L07z4PX9 for ; Tue, 3 Sep 2024 11:44:38 +0000 (UTC) (envelope-from crispy.james.watt@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=UQIycCFk; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of crispy.james.watt@gmail.com designates 2a00:1450:4864:20::329 as permitted sender) smtp.mailfrom=crispy.james.watt@gmail.com Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-42c2e50ec13so27251775e9.0 for ; Tue, 03 Sep 2024 04:44:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1725363877; x=1725968677; darn=freebsd.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=PrNGidzC7EI7xxQYTVJvVh8x56IuOmKIF5pwqDjri2c=; b=UQIycCFkf/P76a10gJuekY3FYH1h6gIM757IRGgh+jI5VSR2soTnnhqPh1VXAu2T2L 2eTUNe8MfLcoV5TjwV8vrDn5PMaOTwH8EawKZYZKJABU4R5uYAXJnKD/P6sKU/igH9gu ZwuEMWOgw0S3arBbghPmD4bETPjtk5pRyivBpsti8wXCz4zJB5os4+Dqn7+hOjoMy2mv k1aJGYoRiEfSGQ+7b7nNMzsxlaBhNNWp2R/46AIihePZN0ffAOTvglIdBONJRysnZxTP FcuOEynbH4AYNZiXriblZADvADxjFi7AAvG2B/zljiLgnKA1JwHIQcV9XAUDlhMoh/k8 BATw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725363877; x=1725968677; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=PrNGidzC7EI7xxQYTVJvVh8x56IuOmKIF5pwqDjri2c=; b=OQckZY0txBHc+xMJBRVO7TNEFD1bVhFGvTcb1aSP3+Uc+wmd9ul4cxXicIQHOBm2f+ 8e3QL2sXOPUQ42wPDh9HFxlv94GKMaA0/KjOQrZhwR5O51aqbDekApm/uSyfxmV3HFm+ 1tdrrWfGEeULSZiBHbv3Wu8c2X022jtBgV0adTAT8lw/CI1k+a8WQOAp6CVoG4C4as/U GwJW5fiO/TSqTFRIdEXmuG1EldiDubshGZ4EeXDWpP7+LqyuiNxjHB5VXPkY5nM1Z+V5 G8rM36IITZHZXH1VCC/ZenEUEPMwpZLNXuMJGEGM7+zoxq7s+DmwkwVZVfD1uJHpDFwI z4aA== X-Gm-Message-State: AOJu0YyrJYD4/gQEOjL2fCnW62ZveWHxEmkeVvYQpYczocbJgpTBJgkh xL4NGjCmtx0DHk4oliRcmt4HG1taKCEIHjsm2cJvZXdXmFmFmXsGqaVBlk3Z7h/IOFhKP8FnB93 QAykemj4kUi4A+2JSqwlhH25jWp+0aAbA X-Google-Smtp-Source: AGHT+IEpjQKt+hFG40+JQ61WI/r1ibf4EHH+2cMAKnqLduN/cHvdv8T9UOhvHc2rNP68rrnnZycCwWqCX/bZpUT7rsA= X-Received: by 2002:a05:600c:1ca0:b0:424:a2be:c161 with SMTP id 5b1f17b1804b1-42bbb216f26mr104585275e9.20.1725363876543; Tue, 03 Sep 2024 04:44:36 -0700 (PDT) List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-security@freebsd.org Sender: owner-freebsd-security@FreeBSD.org MIME-Version: 1.0 From: James Watt Date: Tue, 3 Sep 2024 19:44:26 +0800 Message-ID: Subject: Security Vulnerability - Action Required: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability may in your project To: freebsd-security@freebsd.org Content-Type: multipart/alternative; boundary="000000000000f8454006213594d3" X-Spamd-Bar: -- X-Spamd-Result: default: False [-3.00 / 15.00]; URI_COUNT_ODD(1.00)[17]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_TRACE(0.00)[0:+,1:+,2:~]; TAGGED_FROM(0.00)[]; MISSING_XM_UA(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MLMMJ_DEST(0.00)[freebsd-security@freebsd.org]; RCVD_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::329:from] X-Rspamd-Queue-Id: 4WykLZ4L07z4PX9 --000000000000f8454006213594d3 Content-Type: text/plain; charset="UTF-8" Hi, there we have detected that your project may be vulnerable to ILoop with Unreachable Exit Condition ('Infinite Loop') in the function of ` ppp_hdlc ` in the file of ` contrib/tcpdump/print-ppp.c ` . It shares similarities to a recent CVE disclosure [CVE-2024-2397]( https://nvd.nist.gov/vuln/detail/CVE-2024-2397) in the https://github.com/the-tcpdump-group/tcpdump **The source vulnerability information is as follows:** > Vulnerability Detail: > CVE Identifier: CVE-2024-2397 > Description: Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21. > Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-2397 > Patch: https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 Would you help to check if this bug is true? If it's true, I'd like to open a PR for that if necessary. Thank you for your effort and patience! Best regards, James --000000000000f8454006213594d3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi, there
=C2=A0 =C2=A0we have detected that your proje= ct may be vulnerable to ILoop with Unreachable Exit Condition ('Infinit= e Loop') in the function of ` ppp_hdlc ` in the file of ` contrib/tcpdu= mp/print-ppp.c ` . It shares similarities to a recent CVE disclosure [CVE-2= 024-2397](https://nvd.nist.gov/vuln/detail/CVE-2024-2397) in the=C2= =A0https://github.com/the-tcpdump-group/tcpdump

**The source vul= nerability information is as follows:**

> Vulnerability Detail:> CVE Identifier: CVE-2024-2397
> Description:=C2=A0Due to a bug= in packet data buffers management, the PPP printer in tcpdump can enter an= infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This p= roblem does not affect any tcpdump release, but it affected the git master = branch from 2023-06-05 to 2024-03-21.
> Reference:=C2=A0https://nvd= .nist.gov/vuln/detail/CVE-2024-2397
> Patch:=C2=A0https://github.com/the-tcpdump-group/tcpdu= mp/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2

<= br>Would you help to check if this bug is true? If it's true, I'd l= ike to open a PR for that if necessary. Thank you for your effort and patie= nce!

Best regards,
James=C2=A0=C2=A03D""
--000000000000f8454006213594d3--