new file mode 100644
@@ -0,0 +1,27 @@
+From 62bc10d4f1d2c9e2833ef2898fb0170e9300a9dd Mon Sep 17 00:00:00 2001
+From: Marsman1996 <lqliuyuwei@outlook.com>
+Date: Tue, 2 Apr 2024 17:29:21 +0800
+Subject: [PATCH] dlt_jnpr_ether_cleanup: check config before cleanup
+
+CVE: CVE-2023-4256
+Upstream-Status: Backport [https://github.com/appneta/tcpreplay/pull/851]
+Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
+---
+ src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c b/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c
+index c53ec297..9642a2c2 100644
+--- a/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c
++++ b/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c
+@@ -164,8 +164,9 @@ dlt_jnpr_ether_cleanup(tcpeditdlt_t *ctx)
+ jnpr_ether_config_t *config;
+
+ config = (jnpr_ether_config_t *)ctx->encoder->config;
+- if (config->subctx != NULL)
++ if (config != NULL && config->subctx != NULL) {
+ tcpedit_dlt_cleanup(config->subctx);
++ }
+ safe_free(plugin->config);
+ plugin->config = NULL;
+ plugin->config_size = 0;
@@ -11,6 +11,7 @@ SRC_URI = "https://github.com/appneta/${BPN}/releases/download/v${PV}/${BP}.tar.
file://0001-libopts.m4-set-POSIX_SHELL-to-bin-sh.patch \
file://0001-configure.ac-unify-search-dirs-for-pcap-and-add-lib3.patch \
file://0001-configure.ac-do-not-run-conftest-in-case-of-cross-co.patch \
+ file://CVE-2023-4256.patch \
"
SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf"
Add patch to fix tcpreplay CVE-2023-4256 dlt_jnpr_ether_cleanup: check config before cleanup Links: https://github.com/appneta/tcpreplay/pull/851 https://github.com/appneta/tcpreplay/issues/813#issuecomment-2245557093 Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com> --- .../tcpreplay/tcpreplay/CVE-2023-4256.patch | 27 +++++++++++++++++++ .../tcpreplay/tcpreplay_4.4.4.bb | 1 + 2 files changed, 28 insertions(+) create mode 100644 meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2023-4256.patch