sysstat: Fix CVE-2023-33204

References: https://nvd.nist.gov/vuln/detail/CVE-2023-33204 https://ubuntu.com/security/CVE-2023-33204 Upstream Patch: https://github.com/sysstat/sysstat/commit/954ff2e2673c (From OE-Core rev: 7a6871590b908e4b749484d913da5e280c20d05f) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Sanjay Chitroda <schitrod@cisco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Xiangyu Chen <xiangyu.chen@windriver.com> 2023-05-29 01:03:02 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-05-31 16:53:04 +0100
commit: 9eb992471f01ef55c043e65ec5d16b72eb38d031 (patch)
tree: e32e0b7a25b2cd8ddefb84b901f3238b8a852fca /meta/recipes-extended
parent: 5f022cd62c8b6a5170b4c52aaf4862be29fdc678 (diff)
download: poky-9eb992471f01ef55c043e65ec5d16b72eb38d031.tar.gz
2 files changed, 49 insertions, 1 deletions
diff --git a/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch b/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch
new file mode 100644
index 0000000000..a7b51f3217
--- /dev/null
+++ b/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch
@@ -0,0 +1,46 @@
+From 0764cb56df4a5afdf04980c9eb6735f789f5aa42 Mon Sep 17 00:00:00 2001
+From: Pavel Kopylov <pkopylov@cloudlinux.com>
+Date: Wed, 17 May 2023 11:33:45 +0200
+Subject: [PATCH] Fix an overflow which is still possible for some values.
+CVE: CVE-2023-33204
+Upstream-Status: Backport [https://github.com/sysstat/sysstat/commit/954ff2e2673c]
+Backport Changes:
+Adopt additional changes as per following merge commit of pull request:
+https://github.com/sysstat/sysstat/commit/6f8dc568e6ab
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
+---
+ common.c | 14 ++++++++------
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+diff --git a/common.c b/common.c
+index a3d31a5..138920c 100644
+--- a/common.c
+++ b/common.c
+@@ -447,15 +447,17 @@ int check_dir(char *dirname)
+ void check_overflow(unsigned int val1, unsigned int val2,
+                    unsigned int val3)
+ {
+-       if ((unsigned long long) val1 * (unsigned long long) val2 *
+-           (unsigned long long) val3 > UINT_MAX) {
+       if ((val1 != 0) && (val2 != 0) && (val3 != 0) &&
+               (((unsigned long long)UINT_MAX / (unsigned long long)val1 <
+               (unsigned long long)val2) ||
+               ((unsigned long long)UINT_MAX / ((unsigned long long)val1 *
+               (unsigned long long)val2) < (unsigned long long)val3))) {
+ #ifdef DEBUG
+-               fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
+-                       __FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 *
+-                       (unsigned long long) val3);
+               fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n",
+                       __FUNCTION__, val1, val2, val3);
+ #endif
+        exit(4);
+-               }
+       }
+ }
+ 
+ #ifndef SOURCE_SADC
diff --git a/meta/recipes-extended/sysstat/sysstat_12.6.2.bb b/meta/recipes-extended/sysstat/sysstat_12.6.2.bb
index f9e5778e76..b5014eaefb 100644
--- a/meta/recipes-extended/sysstat/sysstat_12.6.2.bb
+++ b/meta/recipes-extended/sysstat/sysstat_12.6.2.bb
@@ -2,6 +2,8 @@ require sysstat.inc
 LIC_FILES_CHKSUM = "file://COPYING;md5=a23a74b3f4caf9616230789d94217acb"
-SRC_URI += "file://0001-configure.in-remove-check-for-chkconfig.patch"
+SRC_URI += "file://0001-configure.in-remove-check-for-chkconfig.patch \
+            file://CVE-2023-33204.patch \
+            "
 SRC_URI[sha256sum] = "3e77134aedaa6fc57d9745da67edfd8990e19adee71ac47196229261c563fb48"
author	Xiangyu Chen <xiangyu.chen@windriver.com>	2023-05-29 01:03:02 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-05-31 16:53:04 +0100
commit	9eb992471f01ef55c043e65ec5d16b72eb38d031 (patch)
tree	e32e0b7a25b2cd8ddefb84b901f3238b8a852fca /meta/recipes-extended
parent	5f022cd62c8b6a5170b4c52aaf4862be29fdc678 (diff)
download	poky-9eb992471f01ef55c043e65ec5d16b72eb38d031.tar.gz

diff --git a/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch b/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch new file mode 100644 index 0000000000..a7b51f3217 --- /dev/null +++ b/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch
@@ -0,0 +1,46 @@
		1	From 0764cb56df4a5afdf04980c9eb6735f789f5aa42 Mon Sep 17 00:00:00 2001
		2	From: Pavel Kopylov <pkopylov@cloudlinux.com>
		3	Date: Wed, 17 May 2023 11:33:45 +0200
		4	Subject: [PATCH] Fix an overflow which is still possible for some values.
		5
		6	CVE: CVE-2023-33204
		7	Upstream-Status: Backport [https://github.com/sysstat/sysstat/commit/954ff2e2673c]
		8
		9	Backport Changes:
		10	Adopt additional changes as per following merge commit of pull request:
		11	https://github.com/sysstat/sysstat/commit/6f8dc568e6ab
		12
		13	Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
		14	Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
		15	---
		16	common.c \| 14 ++++++++------
		17	1 file changed, 8 insertions(+), 6 deletions(-)
		18
		19	diff --git a/common.c b/common.c
		20	index a3d31a5..138920c 100644
		21	--- a/common.c
		22	+++ b/common.c
		23	@@ -447,15 +447,17 @@ int check_dir(char *dirname)
		24	void check_overflow(unsigned int val1, unsigned int val2,
		25	unsigned int val3)
		26	{
		27	- if ((unsigned long long) val1 * (unsigned long long) val2 *
		28	- (unsigned long long) val3 > UINT_MAX) {
		29	+ if ((val1 != 0) && (val2 != 0) && (val3 != 0) &&
		30	+ (((unsigned long long)UINT_MAX / (unsigned long long)val1 <
		31	+ (unsigned long long)val2) \|\|
		32	+ ((unsigned long long)UINT_MAX / ((unsigned long long)val1 *
		33	+ (unsigned long long)val2) < (unsigned long long)val3))) {
		34	#ifdef DEBUG
		35	- fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
		36	- __FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 *
		37	- (unsigned long long) val3);
		38	+ fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n",
		39	+ __FUNCTION__, val1, val2, val3);
		40	#endif
		41	exit(4);
		42	- }
		43	+ }
		44	}
		45
		46	#ifndef SOURCE_SADC


diff --git a/meta/recipes-extended/sysstat/sysstat_12.6.2.bb b/meta/recipes-extended/sysstat/sysstat_12.6.2.bb index f9e5778e76..b5014eaefb 100644 --- a/meta/recipes-extended/sysstat/sysstat_12.6.2.bb +++ b/meta/recipes-extended/sysstat/sysstat_12.6.2.bb
@@ -2,6 +2,8 @@ require sysstat.inc
2		2
3	LIC_FILES_CHKSUM = "file://COPYING;md5=a23a74b3f4caf9616230789d94217acb"	3	LIC_FILES_CHKSUM = "file://COPYING;md5=a23a74b3f4caf9616230789d94217acb"
4		4
5	SRC_URI += "file://0001-configure.in-remove-check-for-chkconfig.patch"	5	SRC_URI += "file://0001-configure.in-remove-check-for-chkconfig.patch \
		6	file://CVE-2023-33204.patch \
		7	"
6		8
7	SRC_URI[sha256sum] = "3e77134aedaa6fc57d9745da67edfd8990e19adee71ac47196229261c563fb48"	9	SRC_URI[sha256sum] = "3e77134aedaa6fc57d9745da67edfd8990e19adee71ac47196229261c563fb48"