author | Sona Sarmadi <sona.sarmadi@enea.com> | 2017-12-13 18:39:23 +0100 |
---|---|---|
committer | Adrian Dudau <adrian.dudau@enea.com> | 2017-12-14 14:37:36 +0100 |
commit | 1191bbadc88292d4fd9d4b1de762fb9acd57fcdf (patch) | |
tree | 466e3536068a49dd95e5602df5e7983bdb24875c /recipes-connectivity | |
parent | 6fe6de08fe746ae3df54eb3bb6eee35e95914b6d (diff) | |
download | meta-nfv-access-common-1191bbadc88292d4fd9d4b1de762fb9acd57fcdf.tar.gz |
openssl: Fix for CVE-2017-3735
openssl: Malformed X.509 IPAddressFamily could cause OOB read
References:
https://www.openssl.org/news/secadv/20170828.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3735
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Diffstat (limited to 'recipes-connectivity')
-rw-r--r-- | recipes-connectivity/openssl/openssl/CVE-2017-3735.patch | 43 | ||||
-rw-r--r-- | recipes-connectivity/openssl/openssl_%.bbappend | 4 |
2 files changed, 47 insertions, 0 deletions
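diff --git a/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch b/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch
new file mode 100644
index 0000000..b0f8189
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch
@@ -0,0 +1,43 @@
+From 31c8b265591a0aaa462a1f3eb5770661aaac67db Mon Sep 17 00:00:00 2001
+From: Rich Salz <rsalz@openssl.org>
+Date: Tue, 22 Aug 2017 11:44:41 -0400
+Subject: [PATCH] Avoid out-of-bounds read
+
+Fixes CVE-2017-3735
+
+CVE: CVE-2017-3735
+Upstream-Status: Backport
+
+Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
+(Merged from https://github.com/openssl/openssl/pull/4276)
+
+(cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd)
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+crypto/x509v3/v3_addr.c | 10 ++++++----
+1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
+index 1290dec..af080a0 100644
+--- a/crypto/x509v3/v3_addr.c
++++ b/crypto/x509v3/v3_addr.c
+@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
+*/
+unsigned int v3_addr_get_afi(const IPAddressFamily *f)
+{
+- return ((f != NULL &&
+- f->addressFamily != NULL && f->addressFamily->data != NULL)
+- ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
+- : 0);
++ if (f == NULL
++ || f->addressFamily == NULL
++ || f->addressFamily->data == NULL
++ || f->addressFamily->length < 2)
++ return 0;
++ return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
+}
+
+/*
+--
+1.9.1
+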
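Review bot: The patch header records `Upstream-Status: Backport` with no reference, and the two upstream hashes it carries (`From 31c8b26…` and `cherry picked from commit b231717…`) do not say which OpenSSL branch the change was taken from. The hunk patches `v3_addr_get_afi` in `crypto/x509v3/v3_addr.c`, a name that presumably exists only on some branches, so naming the source would let a later reader confirm the backport matches the recipe version, e.g. `Upstream-Status: Backport [<upstream commit URL>]`. The C change is confined to this one function, whose comment begins outside the hunk. It is worth confirming that no other reader of `addressFamily->data` in the file needs the same `length` guard.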
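diff --git a/recipes-connectivity/openssl/openssl_%.bbappend b/recipes-connectivity/openssl/openssl_%.bbappend
new file mode 100644
index 0000000..a0b936a
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl_%.bbappend
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+SRC_URI += "file://CVE-2017-3735.patch \
+"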
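Review bot: The `%` in `openssl_%.bbappend` makes this append match every openssl recipe version the build may select, so `CVE-2017-3735.patch` is added to `SRC_URI` even for a version that already contains the upstream fix or whose `v3_addr.c` differs. In that case do_patch would either fail or apply the hunk with fuzz. Pinning the append to the recipe version the patch was prepared against would avoid this. Failing that, record the version in a comment above `SRC_URI`, e.g. `# CVE-2017-3735: prepared against openssl <RECIPE_VERSION>; drop once the recipe moves to a fixed release`, so the backport is revisited on the next upgrade.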