systemd: CVE-2016-7795

The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket. The patch is a backport from the latest git repo. Please see the link below for more information. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795 (From OE-Core rev: 543570cafa8d7f595b489d03d05f0aa4478f8539) (From OE-Core rev: df3f4785fc69d3ddbd30ccd954aad3d3618c5916) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Chen Qi <Qi.Chen@windriver.com> 2016-10-26 14:09:47 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-11-16 10:37:56 +0000
commit: 57bcb0b50936d6727775f9b5d217bb99a312561a (patch)
tree: 9689d8267277d36fed0767ab4150e0332100f50a /meta/recipes-core/systemd/systemd_230.bb
parent: 698bbcad684a55bd8db0aaf9caf1c1bdff48a374 (diff)
download: poky-57bcb0b50936d6727775f9b5d217bb99a312561a.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd_230.bb b/meta/recipes-core/systemd/systemd_230.bb
index a949fe8dbf..19d144d3fa 100644
--- a/meta/recipes-core/systemd/systemd_230.bb
+++ b/meta/recipes-core/systemd/systemd_230.bb
@@ -36,6 +36,7 @@ SRC_URI += " \
           file://0021-include-missing.h-for-getting-secure_getenv-definiti.patch \
           file://0022-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \
           file://udev-re-enable-mount-propagation-for-udevd.patch \
+           file://CVE-2016-7795.patch \
 "
 SRC_URI_append_libc-uclibc = "\
           file://0002-units-Prefer-getty-to-agetty-in-console-setup-system.patch \
author	Chen Qi <Qi.Chen@windriver.com>	2016-10-26 14:09:47 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-11-16 10:37:56 +0000
commit	57bcb0b50936d6727775f9b5d217bb99a312561a (patch)
tree	9689d8267277d36fed0767ab4150e0332100f50a /meta/recipes-core/systemd/systemd_230.bb
parent	698bbcad684a55bd8db0aaf9caf1c1bdff48a374 (diff)
download	poky-57bcb0b50936d6727775f9b5d217bb99a312561a.tar.gz

diff --git a/meta/recipes-core/systemd/systemd_230.bb b/meta/recipes-core/systemd/systemd_230.bb index a949fe8dbf..19d144d3fa 100644 --- a/meta/recipes-core/systemd/systemd_230.bb +++ b/meta/recipes-core/systemd/systemd_230.bb
@@ -36,6 +36,7 @@ SRC_URI += " \
36	file://0021-include-missing.h-for-getting-secure_getenv-definiti.patch \	36	file://0021-include-missing.h-for-getting-secure_getenv-definiti.patch \
37	file://0022-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \	37	file://0022-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \
38	file://udev-re-enable-mount-propagation-for-udevd.patch \	38	file://udev-re-enable-mount-propagation-for-udevd.patch \
		39	file://CVE-2016-7795.patch \
39	"	40	"
40	SRC_URI_append_libc-uclibc = "\	41	SRC_URI_append_libc-uclibc = "\
41	file://0002-units-Prefer-getty-to-agetty-in-console-setup-system.patch \	42	file://0002-units-Prefer-getty-to-agetty-in-console-setup-system.patch \