diff options
author | Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | 2022-11-14 20:20:23 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-12-07 15:06:36 +0000 |
commit | 4341dc995398c36f9ea48446e415a094dfd0a8bd (patch) | |
tree | e5996e42c690f07b0052111a561cf33e978c0af6 /meta/recipes-core/systemd/systemd_244.5.bb | |
parent | 4978b9a24fef2047f2f86ecdd7e6deb14d34a1c0 (diff) | |
download | poky-4341dc995398c36f9ea48446e415a094dfd0a8bd.tar.gz |
systemd: Fix CVE-2022-3821 issue
An off-by-one Error issue was discovered in Systemd in format_timespan()
function of time-util.c. An attacker could supply specific values for
time and accuracy that leads to buffer overrun in format_timespan(),
leading to a Denial of Service.
Add a patch to solve above CVE issue
Link: https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
(From OE-Core rev: e2db40ca49b8ed217f14c7f861087837e8b3f389)
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/systemd/systemd_244.5.bb')
-rw-r--r-- | meta/recipes-core/systemd/systemd_244.5.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd_244.5.bb b/meta/recipes-core/systemd/systemd_244.5.bb index f3e5395465..77ef2bc42f 100644 --- a/meta/recipes-core/systemd/systemd_244.5.bb +++ b/meta/recipes-core/systemd/systemd_244.5.bb | |||
@@ -33,6 +33,7 @@ SRC_URI += "file://touchscreen.rules \ | |||
33 | file://CVE-2021-3997-1.patch \ | 33 | file://CVE-2021-3997-1.patch \ |
34 | file://CVE-2021-3997-2.patch \ | 34 | file://CVE-2021-3997-2.patch \ |
35 | file://CVE-2021-3997-3.patch \ | 35 | file://CVE-2021-3997-3.patch \ |
36 | file://CVE-2022-3821.patch \ | ||
36 | " | 37 | " |
37 | 38 | ||
38 | # patches needed by musl | 39 | # patches needed by musl |