new file mode 100644
@@ -0,0 +1,41 @@
+From e180152d3dae668249f78c72a55a4ba436b57af7 Mon Sep 17 00:00:00 2001
+From: Darius Davis <darius-wireshark@free-range.com.au>
+Date: Sat, 25 Oct 2025 15:01:34 +1000
+Subject: [PATCH] Kafka: Fix decompress_snappy with no xerial chunks.
+
+Instead of returning true without setting outputs, report a failure to
+decompress and return false to the caller.
+
+Fix #20823
+
+(cherry picked from commit 49137f8ce93c9f7ac55b69c8e089ba6a422f633e)
+
+CVE: CVE-2025-13499
+Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/e180152d3dae668249f78c72a55a4ba436b57af7]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ epan/dissectors/packet-kafka.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/epan/dissectors/packet-kafka.c b/epan/dissectors/packet-kafka.c
+index 5fe32f7..7b5ac03 100644
+--- a/epan/dissectors/packet-kafka.c
++++ b/epan/dissectors/packet-kafka.c
+@@ -1788,12 +1788,12 @@ decompress_snappy(tvbuff_t *tvb, packet_info *pinfo, int offset, guint32 length,
+ if (rc != SNAPPY_OK) {
+ goto end;
+ }
++ ret = composite_tvb != NULL;
+
+ *decompressed_tvb = tvb_new_child_real_data(tvb, decompressed_buffer, (guint)uncompressed_size, (gint)uncompressed_size);
+ *decompressed_offset = 0;
+-
++ ret = TRUE;
+ }
+- ret = TRUE;
+ end:
+ if (composite_tvb) {
+ tvb_composite_finalize(composite_tvb);
+--
+2.50.1
+
@@ -31,6 +31,7 @@ SRC_URI += " \
file://CVE-2023-4511.patch \
file://CVE-2023-6175.patch \
file://CVE-2024-2955.patch \
+ file://CVE-2025-13499.patch \
"
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/e180152d3dae668249f78c72a55a4ba436b57af7 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> --- .../wireshark/files/CVE-2025-13499.patch | 41 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 42 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2025-13499.patch