diff options
| author | Yuanjie Huang <yuanjie.huang@windriver.com> | 2016-04-27 02:32:55 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-05-11 12:37:06 +0100 |
| commit | 49ce0e7d4a7bb3223aa33188fc987d651334ffe5 (patch) | |
| tree | bb17b1ff2e9b415b1f6601a8a3df91e488f7aa58 /meta/recipes-core/glibc/glibc_2.22.bb | |
| parent | 6b2102cd59c1ac48b8550dbbea0b83eada7e7b32 (diff) | |
| download | poky-49ce0e7d4a7bb3223aa33188fc987d651334ffe5.tar.gz | |
glibc: Fix CVE-2015-8778
CVE: CVE-2015-8778
Improve check against integer wraparound in hcreate_r [BZ #18240]
This is an integer overflow in hcreate and hcreate_r which can result in
an out-of-bound memory access. This could lead to application crashes
or, potentially, arbitrary code execution.
Upstream-Status: Backport [2.23]
(cherry-picked from commit bae7c7c7, 4bd228c8)
(From OE-Core rev: 71b051f51a44dad1fdca7ca6b3552d0aebdc91d3)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc_2.22.bb')
| -rw-r--r-- | meta/recipes-core/glibc/glibc_2.22.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc_2.22.bb b/meta/recipes-core/glibc/glibc_2.22.bb index a13b7f94bb..7b25847392 100644 --- a/meta/recipes-core/glibc/glibc_2.22.bb +++ b/meta/recipes-core/glibc/glibc_2.22.bb | |||
| @@ -47,6 +47,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ | |||
| 47 | file://CVE-2015-9761_2.patch \ | 47 | file://CVE-2015-9761_2.patch \ |
| 48 | file://CVE-2015-8776.patch \ | 48 | file://CVE-2015-8776.patch \ |
| 49 | file://CVE-2015-7547.patch \ | 49 | file://CVE-2015-7547.patch \ |
| 50 | file://CVE-2015-8778.patch \ | ||
| 50 | " | 51 | " |
| 51 | 52 | ||
| 52 | SRC_URI += "\ | 53 | SRC_URI += "\ |