From 15388c440d6792592f7d0cdeea1a3f15bda414e5 Mon Sep 17 00:00:00 2001
From: Zqiang <qiang.zhang@windriver.com>
Date: Fri, 10 Sep 2021 11:21:04 +0800
Subject: openvswitch: fix CVE-2021-36980

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has
a use-after-free in decode_NXAST_RAW_ENCAP (called from
ofpact_decode and ofpacts_decode) during the decoding of
a RAW_ENCAP action.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-36980

Patches from:
https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3

Signed-off-by: Zqiang <qiang.zhang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
 recipes-networking/openvswitch/openvswitch_git.bb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'recipes-networking/openvswitch/openvswitch_git.bb')

diff --git a/recipes-networking/openvswitch/openvswitch_git.bb b/recipes-networking/openvswitch/openvswitch_git.bb
index 412a7075..303f200b 100644
--- a/recipes-networking/openvswitch/openvswitch_git.bb
+++ b/recipes-networking/openvswitch/openvswitch_git.bb
@@ -28,6 +28,7 @@ SRC_URI += "git://github.com/openvswitch/ovs.git;protocol=git;branch=branch-2.15
             file://systemd-update-tool-paths.patch \
             file://systemd-create-runtime-dirs.patch \
             file://0001-ovs-use-run-instead-of-var-run-for-in-systemd-units.patch \
+            file://0001-ofp-actions-Fix-use-after-free-while-decoding-RAW_EN.patch \
            "
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=1ce5d23a6429dff345518758f13aaeab"
-- 
cgit v1.2.3-54-g00ecf