Re: Security Vulnerability - Action Required: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability may in your project

From: <henrichhartzer_at_tuta.io>
Date: Tue, 03 Sep 2024 17:40:54 UTC
Hi, there

> We have detected that your project may be vulnerable to Loop with Unreachable Exit Condition ('Infinite Loop') in the function of `ppp_hdlc` in the file of `contrib/tcpdump/print-ppp.c`. It shares similarities to a recent CVE disclosure [CVE-2024-2397](https://nvd.nist.gov/vuln/detail/CVE-2024-2397) in the https://github.com/the-tcpdump-group/tcpdump
>
> **The source vulnerability information is as follows:**
>
> > Vulnerability Detail:
> > CVE Identifier: CVE-2024-2397
> > Description: Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.
> > Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-2397
> > Patch: https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2
>
>
> Would you help to check if this bug is true? If it's true, I'd like to open a PR for that if necessary. Thank you for your effort and patience!
>
> Best regards,
> James  
>
>

Hi James,

I can't speak authoritatively here at all. Not a committer to src or anything like that, nor a FreeBSD security expert.

I do appreciate your concern for FreeBSD, though! And I think this was merged in already: https://cgit.freebsd.org/src/commit/contrib/tcpdump/print-ppp.c?id=f8860353d4f4c25bacdae5bc1cfb7a95edc9bfe0

Might be worth having another glance over it. I don't see an advisory published, but I'm not sure if that was pushed into a release or not.

https://www.freebsd.org/security/advisories/

Thanks!

-Henrich