diff options
| author | Sona Sarmadi <sona.sarmadi@enea.com> | 2017-12-13 18:39:23 +0100 |
|---|---|---|
| committer | Adrian Dudau <adrian.dudau@enea.com> | 2017-12-14 14:37:36 +0100 |
| commit | 1191bbadc88292d4fd9d4b1de762fb9acd57fcdf (patch) | |
| tree | 466e3536068a49dd95e5602df5e7983bdb24875c | |
| parent | 6fe6de08fe746ae3df54eb3bb6eee35e95914b6d (diff) | |
| download | meta-el-common-1191bbadc88292d4fd9d4b1de762fb9acd57fcdf.tar.gz | |
openssl: Fix for CVE-2017-3735
openssl: Malformed X.509 IPAdressFamily could cause OOB read
References:
https://www.openssl.org/news/secadv/20170828.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3735
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
| -rw-r--r-- | recipes-connectivity/openssl/openssl/CVE-2017-3735.patch | 43 | ||||
| -rw-r--r-- | recipes-connectivity/openssl/openssl_%.bbappend | 4 |
2 files changed, 47 insertions, 0 deletions
diff --git a/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch b/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch new file mode 100644 index 0000000..b0f8189 --- /dev/null +++ b/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch | |||
| @@ -0,0 +1,43 @@ | |||
| 1 | From 31c8b265591a0aaa462a1f3eb5770661aaac67db Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Rich Salz <rsalz@openssl.org> | ||
| 3 | Date: Tue, 22 Aug 2017 11:44:41 -0400 | ||
| 4 | Subject: [PATCH] Avoid out-of-bounds read | ||
| 5 | |||
| 6 | Fixes CVE-2017-3735 | ||
| 7 | |||
| 8 | CVE: CVE-2017-3735 | ||
| 9 | Upstream-Status: Backport | ||
| 10 | |||
| 11 | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> | ||
| 12 | (Merged from https://github.com/openssl/openssl/pull/4276) | ||
| 13 | |||
| 14 | (cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd) | ||
| 15 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
| 16 | --- | ||
| 17 | crypto/x509v3/v3_addr.c | 10 ++++++---- | ||
| 18 | 1 file changed, 6 insertions(+), 4 deletions(-) | ||
| 19 | |||
| 20 | diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c | ||
| 21 | index 1290dec..af080a0 100644 | ||
| 22 | --- a/crypto/x509v3/v3_addr.c | ||
| 23 | +++ b/crypto/x509v3/v3_addr.c | ||
| 24 | @@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi) | ||
| 25 | */ | ||
| 26 | unsigned int v3_addr_get_afi(const IPAddressFamily *f) | ||
| 27 | { | ||
| 28 | - return ((f != NULL && | ||
| 29 | - f->addressFamily != NULL && f->addressFamily->data != NULL) | ||
| 30 | - ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1])) | ||
| 31 | - : 0); | ||
| 32 | + if (f == NULL | ||
| 33 | + || f->addressFamily == NULL | ||
| 34 | + || f->addressFamily->data == NULL | ||
| 35 | + || f->addressFamily->length < 2) | ||
| 36 | + return 0; | ||
| 37 | + return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1]; | ||
| 38 | } | ||
| 39 | |||
| 40 | /* | ||
| 41 | -- | ||
| 42 | 1.9.1 | ||
| 43 | |||
diff --git a/recipes-connectivity/openssl/openssl_%.bbappend b/recipes-connectivity/openssl/openssl_%.bbappend new file mode 100644 index 0000000..a0b936a --- /dev/null +++ b/recipes-connectivity/openssl/openssl_%.bbappend | |||
| @@ -0,0 +1,4 @@ | |||
| 1 | FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" | ||
| 2 | |||
| 3 | SRC_URI += "file://CVE-2017-3735.patch \ | ||
| 4 | " | ||