[Olsr-dev] tcpdump olsr_print CVE-2014-8767

Saverio Proto (spam-protected)
Sun Feb 15 21:19:37 CET 2015


Hello there,

http://www.gentoo.org/security/en/glsa/glsa-201502-05.xml

anyone here contributed to write the olsr parser in tcpdump ?

The olsr_print function function contains an integer underflow error
(CVE-2014-8767)

dont worry, the bug is in tcpdump, not in olsrd, but if someone here
has a patch, now it is time to merge it upstream to the tcpdump people
:)

Saverio




More information about the Olsr-dev mailing list