Jose Maldonado <[email protected]> wrote:

> On Fri, 02 Feb 2024 08:54:58 -0700
> "Theo de Raadt" <[email protected]> wrote:
>
> > tcpdump will *NEVER* be updated to newer code, because our tcpdump is
> > a significant rewrite for privsep. The upstream tcpdump developers
> > don't understand what privsep is.
> >
> > This means the parsers are run without any permissions. They should
> > still be correct (so someone will look at this diff), but exploitation
> > of bugs, beyond a boring crash, is exceedingly difficult.
> >
>
> As Theo says, the implementation of tcpdump in OpenBSD is completely
> different and the checks performed on the functions pointed to by the
> commits are treated differently due to privsep on OpenBSD.

No, that's incorrect. Buffer mismanagement is still serious, and needs to be fixed. It just isn't as serious a crisis, because of the layered defense.

There's another thing going on. The range check mechanisms are slightly different. I've punted this to the experts in our group.
