Please sign in to comment.
CVE-2017-13000/IEEE 802.15.4: Fix bug introduced by previous fix.
We've already advanced the pointer past the PAN ID, if present; it now points to the address, so don't add 2 to it. This fixes a buffer over-read discovered by Forcepoint's security researchers Otto Airamo & Antti Levomäki. Add a test using the capture file supplied by the reporter(s).
- Loading branch information...
Showing with 3 additions and 1 deletion.
|@@ -0,0 +1 @@|
|IEEE 802.15.4 Data packet seq 01 ab4d:10:05:00:81:00:01:00:01 < [|802.15.4]|