Resolves: RHEL-130427 - Access of Uninitialized Pointer in Wireshark

2026-01-19 14:13:18 +01:00 · 2026-01-19 14:13:18 +01:00 · 5f48992b08
commit 5f48992b08
parent d17f1298c2
2 changed files with 44 additions and 1 deletions
--- a/wireshark-0010-cve-2025-13499.patch
+++ b/wireshark-0010-cve-2025-13499.patch
@ -0,0 +1,39 @@
+From 49137f8ce93c9f7ac55b69c8e089ba6a422f633e Mon Sep 17 00:00:00 2001
+From: Darius Davis <darius-wireshark@free-range.com.au>
+Date: Sat, 25 Oct 2025 15:01:34 +1000
+Subject: [PATCH] Kafka: Fix decompress_snappy with no xerial chunks.
+
+Instead of returning true without setting outputs, report a failure to
+decompress and return false to the caller.
+
+Fix #20823
+---
+ epan/dissectors/packet-kafka.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/epan/dissectors/packet-kafka.c b/epan/dissectors/packet-kafka.c
+index cc2a0eee392..764b79446d5 100644
+--- a/epan/dissectors/packet-kafka.c
+++ b/epan/dissectors/packet-kafka.c
+@@ -1950,6 +1950,7 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, uint32_t length
+             count++;
+             DISSECTOR_ASSERT_HINT(count < MAX_LOOP_ITERATIONS, "MAX_LOOP_ITERATIONS exceeded");
+         }
+        ret = composite_tvb != NULL;
+ 
+     } else {
+ 
+@@ -1959,9 +1960,9 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, uint32_t length
+             goto end;
+         }
+         *decompressed_offset = 0;
+        ret = true;
+ 
+     }
+-    ret = true;
+ end:
+     if (composite_tvb) {
+         tvb_composite_finalize(composite_tvb);
+-- 
+GitLab
+
--- a/wireshark.spec
+++ b/wireshark.spec
@ -6,7 +6,7 @@
 Summary:	Network traffic analyzer
 Name:		wireshark
 Version:	4.4.2
-Release:	4%{?dist}
+Release:	5%{?dist}
 Epoch:		1
 License:	BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause AND MIT AND GPL-2.0-or-later AND LGPL-2.0-or-later AND Zlib AND ISC AND (BSD-3-Clause OR GPL-2.0-only) AND (GPL-2.0-or-later AND Zlib)
 Url:		http://www.wireshark.org/
@ -29,6 +29,7 @@ Patch6:   wireshark-0006-Move-tmp-to-var-tmp.patch
 Patch7:   wireshark-0007-cmakelists.patch
 Patch8:   wireshark-0008-pkgconfig.patch
 Patch9:   wireshark-0009-cve-2025-1492.patch
+Patch10:  wireshark-0010-cve-2025-13499.patch

 #install tshark together with wireshark GUI
 Requires:	%{name}-cli = %{epoch}:%{version}-%{release}
@ -281,6 +282,9 @@ fi
 %{_libdir}/pkgconfig/%{name}.pc

 %changelog
+* Mon Jan 19 2026 Michal Ruprich <mruprich@redhat.com> - 1:4.4.2-5
+- Resolves: RHEL-130427 - Access of Uninitialized Pointer in Wireshark
+
 * Tue Jun 10 2025 Michal Ruprich <mruprich@redhat.com> - 1:4.4.2-4
 - Resolves: RHEL-91194 - RFE - Wireshark with LUA support