Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions SPECS/nmap/CVE-2026-58058.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
From fa30389e3aab8a83b991e62944eaa5ab6cd6fbda Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 25 Jun 2026 21:58:49 +0000
Subject: [PATCH] Fix extension header parsing. Credit: Himanshu Anand

Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
Upstream-reference: https://github.com/nmap/nmap/commit/bb6754e76bb1686315008e1aa1c40202a513fb83.patch
---
libnetutil/netutil.cc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libnetutil/netutil.cc b/libnetutil/netutil.cc
index 011d249..e837b6c 100644
--- a/libnetutil/netutil.cc
+++ b/libnetutil/netutil.cc
@@ -621,11 +621,13 @@ static const void *ipv6_get_data_primitive(const struct ip6_hdr *ip6,
*nxt = ip6->ip6_nxt;
p += sizeof(*ip6);
while (p < end && ipv6_is_extension_header(*nxt)) {
- if (p + 2 > end)
+ if (p + 8 > end)
return NULL;
*nxt = *p;
p += (*(p + 1) + 1) * 8;
}
+ if (p >= end)
+ return NULL;

*len = end - p;
if (upperlayer_only && !ipv6_is_upperlayer(*nxt))
--
2.45.4

6 changes: 5 additions & 1 deletion SPECS/nmap/nmap.spec
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
Summary: Nmap Network Mapper
Name: nmap
Version: 7.95
Release: 3%{?dist}
Release: 4%{?dist}
License: Nmap
Vendor: Microsoft Corporation
Distribution: Azure Linux
Expand All @@ -22,6 +22,7 @@ Patch0: remove_openssl_macro.patch
Patch1: CVE-2024-8006.patch
Patch2: CVE-2023-7256.patch
Patch3: CVE-2025-11961.patch
Patch4: CVE-2026-58058.patch

%description
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing.
Expand Down Expand Up @@ -66,6 +67,9 @@ ln -s ncat %{buildroot}%{_bindir}/nc
%{_bindir}/nc

%changelog
* Tue Jun 30 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 7.95-4
- Patch for CVE-2026-58058

* Mon Jan 05 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 7.95-3
- Patch for CVE-2025-11961

Expand Down
Loading