| 标题 | PcapPlusPlus v25.05 Heap-based Buffer Overflow |
|---|
| 描述 | A heap-based buffer over-read vulnerability exists in PcapPlusPlus's bundled LightPcapNg parser within the parse_by_block_type function at light_pcapng.c:172. The flaw is caused by missing validation on the captured_packet_length value read directly from parsed PCAPNG file data. When processing a maliciously crafted PCAPNG file, the program calls memcpy() using the untrusted, uncontrolled length value without checking its validity against the actual allocated heap buffer size. This results in copying excessive bytes far beyond the heap buffer boundary, triggering a large out-of-bounds heap read and causing program crash. Remote attackers can exploit this vulnerability by supplying a specially crafted PCAPNG file to trigger heap memory corruption, leading to a denial-of-service (DoS) condition and potential sensitive memory information disclosure. |
|---|
| 来源 | ⚠️ https://github.com/seladb/PcapPlusPlus/issues/2149 |
|---|
| 用户 | TYGLS (UID 94774) |
|---|
| 提交 | 2026-06-01 05時10分 (30 日前) |
|---|
| 管理 | 2026-06-29 06時25分 (28 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 374590 [seladb PcapPlusPlus 25.05 LightPcapNg Parser light_pcapng.c parse_by_block_type captured_packet_length 内存损坏] |
|---|
| 积分 | 20 |
|---|