diff options
author | Alistair Francis <alistair.francis@wdc.com> | 2019-10-14 17:43:16 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-10-19 23:18:33 +0100 |
commit | fdc1ccbb969b2fe80f0b32dce818ee237451c816 (patch) | |
tree | 989db9c9eb3ee5920bbb0da4757cca17a8beb101 /meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch | |
parent | 65cc5c2455af0699159dcb4e8564ea6fde5417d9 (diff) | |
download | poky-fdc1ccbb969b2fe80f0b32dce818ee237451c816.tar.gz |
u-boot: Bump from 2019.07 to 2019.10
(From OE-Core rev: 460f877adbfaf2ae980228c9d545886f82656c38)
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch')
-rw-r--r-- | meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch b/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch deleted file mode 100644 index 04a09e46df..0000000000 --- a/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch +++ /dev/null | |||
@@ -1,44 +0,0 @@ | |||
1 | From 261658ddaf24bb35edd477cf09ec055569fd9894 Mon Sep 17 00:00:00 2001 | ||
2 | From: "liucheng (G)" <liucheng32@huawei.com> | ||
3 | Date: Thu, 29 Aug 2019 13:47:40 +0000 | ||
4 | Subject: [PATCH 6/9] CVE: nfs: fix stack-based buffer overflow in some | ||
5 | nfs_handler reply helper functions | ||
6 | MIME-Version: 1.0 | ||
7 | Content-Type: text/plain; charset=UTF-8 | ||
8 | Content-Transfer-Encoding: 8bit | ||
9 | |||
10 | This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197, | ||
11 | CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204. | ||
12 | |||
13 | Signed-off-by: Cheng Liu <liucheng32@huawei.com> | ||
14 | Reported-by: FermÃn Serna <fermin@semmle.com> | ||
15 | Acked-by: Joe Hershberger <joe.hershberger@ni.com> | ||
16 | |||
17 | Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; | ||
18 | h=741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21] | ||
19 | |||
20 | CVE: CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, | ||
21 | CVE-2019-14203 and CVE-2019-14204 | ||
22 | |||
23 | Signed-off-by: Meng Li <Meng.Li@windriver.com> | ||
24 | --- | ||
25 | net/nfs.c | 3 +++ | ||
26 | 1 file changed, 3 insertions(+) | ||
27 | |||
28 | diff --git a/net/nfs.c b/net/nfs.c | ||
29 | index d6a7f8e827..b7cf3b3a18 100644 | ||
30 | --- a/net/nfs.c | ||
31 | +++ b/net/nfs.c | ||
32 | @@ -732,6 +732,9 @@ static void nfs_handler(uchar *pkt, unsigned dest, struct in_addr sip, | ||
33 | |||
34 | debug("%s\n", __func__); | ||
35 | |||
36 | + if (len > sizeof(struct rpc_t)) | ||
37 | + return; | ||
38 | + | ||
39 | if (dest != nfs_our_port) | ||
40 | return; | ||
41 | |||
42 | -- | ||
43 | 2.17.1 | ||
44 | |||