public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Martin Osvald <mosvald@redhat.com>
To: git-commits@fedoraproject.org
Subject: [rpms/nmap] rawhide: Fix CVE-2026-58058 (rhbz#2494410)
Date: Wed, 01 Jul 2026 12:53:13 GMT [thread overview]
Message-ID: <178291039387.1.14497061366872348896.rpms-nmap-c90db96bd64f@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/nmap
Branch : rawhide
Commit : c90db96bd64f82519e3de4246d98e585290ef916
Author : Martin Osvald <mosvald@redhat.com>
Date : 2026-06-30T09:31:31+02:00
Stats : +28/-0 in 2 file(s)
URL : https://src.fedoraproject.org/rpms/nmap/c/c90db96bd64f82519e3de4246d98e585290ef916?branch=rawhide
Log:
Fix CVE-2026-58058 (rhbz#2494410)
---
diff --git a/nmap-CVE-2026-58058.patch b/nmap-CVE-2026-58058.patch
new file mode 100644
index 0000000..9cee66f
--- /dev/null
+++ b/nmap-CVE-2026-58058.patch
@@ -0,0 +1,25 @@
+commit bb6754e76bb1686315008e1aa1c40202a513fb83
+Author: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
+Date: Thu Jun 25 21:58:49 2026 +0000
+
+ Fix extension header parsing. Credit: Himanshu Anand
+
+diff --git a/libnetutil/netutil.cc b/libnetutil/netutil.cc
+index 5a2daf187..ba7cfe71a 100644
+--- a/libnetutil/netutil.cc
++++ b/libnetutil/netutil.cc
+@@ -700,11 +700,13 @@ static const u8 *ipv6_get_data_primitive(const struct ip6_hdr *ip6, const u8 *pa
+ *nxt = ip6->ip6_nxt;
+ p += sizeof(*ip6);
+ while (p < end && ipv6_is_extension_header(*nxt)) {
+- if (p + 2 > end)
++ if (p + 8 > end)
+ return NULL;
+ *nxt = *p;
+ p += (*(p + 1) + 1) * 8;
+ }
++ if (p >= end)
++ return NULL;
+
+ *len = end - p;
+ if (upperlayer_only && !ipv6_is_upperlayer(*nxt))
diff --git a/nmap.spec b/nmap.spec
index 4c75878..6db9f5a 100644
--- a/nmap.spec
+++ b/nmap.spec
@@ -31,6 +31,9 @@ Patch9: nmap-ems-ssl-enum-ciphers.patch
Patch10: nmap-libpcap.patch
# Fix OpenSSL 4.0 compatibility
Patch11: nmap-openssl4.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=2494410
+# https://github.com/nmap/nmap/commit/bb6754e
+Patch12: nmap-CVE-2026-58058.patch
BuildRequires: automake make
BuildRequires: autoconf
reply other threads:[~2026-07-01 12:53 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178291039387.1.14497061366872348896.rpms-nmap-c90db96bd64f@fedoraproject.org \
--to=mosvald@redhat.com \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox