util-linux: fix CVE 2021-37600

Backport patch, which should be in next release (2.37.2). (From OE-Core rev: 15d1509861095580905cd5e9306fbda4729b9008) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Joe Slater <joe.slater@windriver.com> 2021-08-04 09:57:51 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-08-14 12:01:44 +0100
commit: f21acadd379f365ece8ef1c6085911d63d20038f (patch)
tree: 6ce7a28b5d70b150aaa8b591924b61324180a4b4 /meta/recipes-core
parent: 178756ee53a019b41dcc42574372f1c4fe112314 (diff)
download: poky-f21acadd379f365ece8ef1c6085911d63d20038f.tar.gz
2 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc
index 6b47f417aa..b21d6d46d2 100644
--- a/meta/recipes-core/util-linux/util-linux.inc
+++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -36,5 +36,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin
           file://display_testname_for_subtest.patch \
           file://avoid_parallel_tests.patch \
           file://Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch \
+           file://CVE-2021-37600.patch \
           "
 SRC_URI[sha256sum] = "f7516ba9d8689343594356f0e5e1a5f0da34adfbc89023437735872bb5024c5f"
diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
new file mode 100644
index 0000000000..11934eee8d
--- /dev/null
+++ b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
@@ -0,0 +1,38 @@
+From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 27 Jul 2021 11:58:31 +0200
+Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
+ nmembs
+Fix: https://github.com/karelzak/util-linux/issues/1395
+Signed-off-by: Karel Zak <kzak@redhat.com>
+CVE: CVE-2021-37600
+after version 2.37.1
+https://github.com/karelzak/util-linux.git 1c9143d0c1d...
+unmodified
+Upstream-Status: Backport
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+---
+ sys-utils/ipcutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
+index e784c4d..18868cf 100644
+--- a/sys-utils/ipcutils.c
+++ b/sys-utils/ipcutils.c
+@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
+ {
+        size_t i;
+ 
+-       if (!p || !p->sem_nsems || p->sem_perm.id < 0)
+       if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
+                return;
+ 
+        p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
+-- 
+2.7.4
author	Joe Slater <joe.slater@windriver.com>	2021-08-04 09:57:51 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-08-14 12:01:44 +0100
commit	f21acadd379f365ece8ef1c6085911d63d20038f (patch)
tree	6ce7a28b5d70b150aaa8b591924b61324180a4b4 /meta/recipes-core
parent	178756ee53a019b41dcc42574372f1c4fe112314 (diff)
download	poky-f21acadd379f365ece8ef1c6085911d63d20038f.tar.gz

diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc index 6b47f417aa..b21d6d46d2 100644 --- a/meta/recipes-core/util-linux/util-linux.inc +++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -36,5 +36,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin
36	file://display_testname_for_subtest.patch \	36	file://display_testname_for_subtest.patch \
37	file://avoid_parallel_tests.patch \	37	file://avoid_parallel_tests.patch \
38	file://Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch \	38	file://Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch \
		39	file://CVE-2021-37600.patch \
39	"	40	"
40	SRC_URI[sha256sum] = "f7516ba9d8689343594356f0e5e1a5f0da34adfbc89023437735872bb5024c5f"	41	SRC_URI[sha256sum] = "f7516ba9d8689343594356f0e5e1a5f0da34adfbc89023437735872bb5024c5f"


diff --git a/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch new file mode 100644 index 0000000000..11934eee8d --- /dev/null +++ b/meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
@@ -0,0 +1,38 @@
		1	From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001
		2	From: Karel Zak <kzak@redhat.com>
		3	Date: Tue, 27 Jul 2021 11:58:31 +0200
		4	Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
		5	nmembs
		6
		7	Fix: https://github.com/karelzak/util-linux/issues/1395
		8	Signed-off-by: Karel Zak <kzak@redhat.com>
		9
		10	CVE: CVE-2021-37600
		11
		12	after version 2.37.1
		13	https://github.com/karelzak/util-linux.git 1c9143d0c1d...
		14	unmodified
		15
		16	Upstream-Status: Backport
		17
		18	Signed-off-by: Joe Slater <joe.slater@windriver.com>
		19	---
		20	sys-utils/ipcutils.c \| 2 +-
		21	1 file changed, 1 insertion(+), 1 deletion(-)
		22
		23	diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
		24	index e784c4d..18868cf 100644
		25	--- a/sys-utils/ipcutils.c
		26	+++ b/sys-utils/ipcutils.c
		27	@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
		28	{
		29	size_t i;
		30
		31	- if (!p \|\| !p->sem_nsems \|\| p->sem_perm.id < 0)
		32	+ if (!p \|\| !p->sem_nsems \|\| p->sem_nsems > SIZE_MAX \|\| p->sem_perm.id < 0)
		33	return;
		34
		35	p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
		36	--
		37	2.7.4
		38