1 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch
new file mode 100644
index 0000000000..d605204f89
--- /dev/null
+++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch
@@ -0,0 +1,40 @@
+From 5c959166ebee7605e2048de573f2475b4d731ff7 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Thu, 6 Oct 2022 09:42:59 +0530
+Subject: [PATCH] CVE-2022-2929
+Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/]
+CVE: CVE-2022-2929
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ common/options.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+diff --git a/common/options.c b/common/options.c
+index 4e53bb4..28800fc 100644
+--- a/common/options.c
+++ b/common/options.c
+@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options,
+                while (s < &bp -> data[0] + length + 2) {
+                        len = *s;
+                        if (len > 63) {
+-                               log_info ("fancy bits in fqdn option");
+-                               return 0;
+                               log_info ("label length exceeds 63 in fqdn option");
+                               goto bad;
+                        }
+                        if (len == 0) {
+                                terminated = 1;
+                                break;
+                        }
+                        if (s + len > &bp -> data [0] + length + 3) {
+-                               log_info ("fqdn tag longer than buffer");
+-                               return 0;
+                               log_info ("fqdn label longer than buffer");
+                               goto bad;
+                        }
+ 
+                        if (first_len == 0) {
+-- 
+2.25.1

diff --git a/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch new file mode 100644 index 0000000000..d605204f89 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/CVE-2022-2929.patch
@@ -0,0 +1,40 @@
	1	From 5c959166ebee7605e2048de573f2475b4d731ff7 Mon Sep 17 00:00:00 2001
	2	From: Hitendra Prajapati <hprajapati@mvista.com>
	3	Date: Thu, 6 Oct 2022 09:42:59 +0530
	4	Subject: [PATCH] CVE-2022-2929
	5
	6	Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/]
	7	CVE: CVE-2022-2929
	8	Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
	9	---
	10	common/options.c \| 8 ++++----
	11	1 file changed, 4 insertions(+), 4 deletions(-)
	12
	13	diff --git a/common/options.c b/common/options.c
	14	index 4e53bb4..28800fc 100644
	15	--- a/common/options.c
	16	+++ b/common/options.c
	17	@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options,
	18	while (s < &bp -> data[0] + length + 2) {
	19	len = *s;
	20	if (len > 63) {
	21	- log_info ("fancy bits in fqdn option");
	22	- return 0;
	23	+ log_info ("label length exceeds 63 in fqdn option");
	24	+ goto bad;
	25	}
	26	if (len == 0) {
	27	terminated = 1;
	28	break;
	29	}
	30	if (s + len > &bp -> data [0] + length + 3) {
	31	- log_info ("fqdn tag longer than buffer");
	32	- return 0;
	33	+ log_info ("fqdn label longer than buffer");
	34	+ goto bad;
	35	}
	36
	37	if (first_len == 0) {
	38	--
	39	2.25.1
	40