Bug 2308785 (CVE-2024-8006) - CVE-2024-8006 libpcap: NULL pointer dereference in pcap_findalldevs_ex() in pcap-new.c
Keywords:
Status: NEW
Alias: CVE-2024-8006
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2308973 2308974
Blocks:
Reported: 2024-08-31 00:21 UTC by OSIDB Bzimport
Modified: 2024-09-05 13:55 UTC (History)
7 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Description OSIDB Bzimport 2024-08-31 00:21:01 UTC
Remote packet capture support is disabled by default in libpcap.  When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex().  One of the function arguments can be a filesystem path, which normally means a directory with input data files.  When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer dereference.
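
The pattern described above, as an added example that is not part of the bug report and is not libpcap source: an unchecked opendir() result passed to readdir(), next to a version that turns the failure into an error return. The function names, the errbuf parameter and the sample paths are hypothetical.

```c
#include <dirent.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not libpcap code. Unchecked pattern from the report;
 * kept for comparison only, nothing in this example calls it. */
int count_entries_unchecked(const char *path)
{
    DIR *dir = opendir(path);      /* NULL when path is not a usable directory */
    int n = 0;
    while (readdir(dir) != NULL)   /* a NULL DIR * is dereferenced here */
        n++;
    closedir(dir);
    return n;
}

/* Hypothetical helper: same loop with the opendir() result checked.
 * Returns the entry count (including "." and ".."), or -1 with errbuf set. */
int count_entries_checked(const char *path, char *errbuf, size_t errlen)
{
    DIR *dir = opendir(path);
    int n = 0;
    if (dir == NULL) {
        snprintf(errbuf, errlen, "opendir '%s': %s", path, strerror(errno));
        return -1;
    }
    errno = 0;                     /* tells end-of-directory from a read error */
    while (readdir(dir) != NULL)
        n++;
    if (errno != 0) {
        snprintf(errbuf, errlen, "readdir '%s': %s", path, strerror(errno));
        closedir(dir);
        return -1;
    }
    closedir(dir);
    return n;
}

int main(void)
{
    char errbuf[256] = "";
    /* Constructed inputs: a path that is not a directory, then one that is. */
    if (count_entries_checked("/dev/null", errbuf, sizeof errbuf) < 0)
        printf("rejected: %s\n", errbuf);
    printf("entries in '.': %d\n", count_entries_checked(".", errbuf, sizeof errbuf));
    return 0;
}
```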

Comment 2 Carlos Rodriguez-Fernandez 2024-09-02 20:03:57 UTC
libcap 2.48, 2.69, or 2.170 doesn't have "pcap_findalldevs_ex".

Also the OSIDB import refers to libpcap ("p" in the middle). A different library.

Comment 3 Carlos Rodriguez-Fernandez 2024-09-02 20:12:27 UTC
You created the issue for libcap, but I think you meant libpcap: https://src.fedoraproject.org/rpms/libpcap
