diff options
author | Dragos-Marian Panait <dragos.panait@windriver.com> | 2021-08-10 12:27:34 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-08-13 14:44:01 +0100 |
commit | 9822232b4abd811bb9c8562f98c0aefc748340a0 (patch) | |
tree | 34e2f49cfe4b2c4c5cd390d332c816009a6469e1 | |
parent | 139e9a0fe59413fc98f1fb6112765a7a40192a4f (diff) | |
download | openembedded-core-9822232b4abd811bb9c8562f98c0aefc748340a0.tar.gz |
util-linux: fix CVE-2021-37600
sys-utils/ipcutils: be careful when call calloc() for uint64 nmembs
Fix: #1395
Signed-off-by: Karel Zak <kzak@redhat.com>
CVE: CVE-2021-37600
Upstream-Status: Backport [1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c]
Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-core/util-linux/util-linux.inc | 1 | ||||
-rw-r--r-- | meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch | 33 |
2 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc index a76fb9e500..0f17c73e86 100644 --- a/meta/recipes-core/util-linux/util-linux.inc +++ b/meta/recipes-core/util-linux/util-linux.inc @@ -35,6 +35,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin file://run-ptest \ file://display_testname_for_subtest.patch \ file://avoid_parallel_tests.patch \ + file://CVE-2021-37600.patch \ " SRC_URI[sha256sum] = "8e4bd42053b726cf86eb4d13a73bc1d9225a2c2e1a2e0d2a891f1020f83e6b76" diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch new file mode 100644 index 0000000000..2b306c435b --- /dev/null +++ b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch @@ -0,0 +1,33 @@ +From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001 +From: Karel Zak <kzak@redhat.com> +Date: Tue, 27 Jul 2021 11:58:31 +0200 +Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64 + nmembs + +Fix: https://github.com/karelzak/util-linux/issues/1395 +Signed-off-by: Karel Zak <kzak@redhat.com> + +CVE: CVE-2021-37600 +Upstream-Status: Backport [1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c] + +Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com> +--- + sys-utils/ipcutils.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c +index e784c4dcb..18868cfd3 100644 +--- a/sys-utils/ipcutils.c ++++ b/sys-utils/ipcutils.c +@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p) + { + size_t i; + +- if (!p || !p->sem_nsems || p->sem_perm.id < 0) ++ if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0) + return; + + p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem)); +-- +2.25.1 + |