1 files changed, 48 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
new file mode 100644
index 0000000000..9c78a3dfa0
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
@@ -0,0 +1,48 @@
+CVE: CVE-2018-19591
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+From ce6ba630dbc96f49eb1f30366aa62261df4792f9 Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Tue, 27 Nov 2018 16:12:43 +0100
+Subject: [PATCH] CVE-2018-19591: if_nametoindex: Fix descriptor for overlong
+ name [BZ #23927]
+(cherry picked from commit d527c860f5a3f0ed687bd03f0cb464612dc23408)
+---
+ ChangeLog                          |  7 +++++++
+ NEWS                               |  6 ++++++
+ sysdeps/unix/sysv/linux/if_index.c | 11 ++++++-----
+ 3 files changed, 19 insertions(+), 5 deletions(-)
+diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c
+index e3d08982d9..782fc5e175 100644
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
+   return 0;
+ #else
+   struct ifreq ifr;
+-  int fd = __opensock ();
+-
+-  if (fd < 0)
+-    return 0;
+-
+   if (strlen (ifname) >= IFNAMSIZ)
+     {
+       __set_errno (ENODEV);
+@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
+     }
+ 
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+
+  int fd = __opensock ();
+
+  if (fd < 0)
+    return 0;
+
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
+       int saved_errno = errno;
+-- 
+2.11.0

diff --git a/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch new file mode 100644 index 0000000000..9c78a3dfa0 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
@@ -0,0 +1,48 @@
	1	CVE: CVE-2018-19591
	2	Upstream-Status: Backport
	3	Signed-off-by: Ross Burton <ross.burton@intel.com>
	4
	5	From ce6ba630dbc96f49eb1f30366aa62261df4792f9 Mon Sep 17 00:00:00 2001
	6	From: Florian Weimer <fweimer@redhat.com>
	7	Date: Tue, 27 Nov 2018 16:12:43 +0100
	8	Subject: [PATCH] CVE-2018-19591: if_nametoindex: Fix descriptor for overlong
	9	name [BZ #23927]
	10
	11	(cherry picked from commit d527c860f5a3f0ed687bd03f0cb464612dc23408)
	12	---
	13	ChangeLog \| 7 +++++++
	14	NEWS \| 6 ++++++
	15	sysdeps/unix/sysv/linux/if_index.c \| 11 ++++++-----
	16	3 files changed, 19 insertions(+), 5 deletions(-)
	17
	18	diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c
	19	index e3d08982d9..782fc5e175 100644
	20	--- a/sysdeps/unix/sysv/linux/if_index.c
	21	+++ b/sysdeps/unix/sysv/linux/if_index.c
	22	@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
	23	return 0;
	24	#else
	25	struct ifreq ifr;
	26	- int fd = __opensock ();
	27	-
	28	- if (fd < 0)
	29	- return 0;
	30	-
	31	if (strlen (ifname) >= IFNAMSIZ)
	32	{
	33	__set_errno (ENODEV);
	34	@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
	35	}
	36
	37	strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
	38	+
	39	+ int fd = __opensock ();
	40	+
	41	+ if (fd < 0)
	42	+ return 0;
	43	+
	44	if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
	45	{
	46	int saved_errno = errno;
	47	--
	48	2.11.0