1 files changed, 32 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-19126.patch b/meta/recipes-core/glibc/glibc/CVE-2019-19126.patch
new file mode 100644
index 0000000000..aead04c485
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2019-19126.patch
@@ -0,0 +1,32 @@
+From 37c90e117310728a4ad1eb998c0bbe7d79c4a398 Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Marcin=20Ko=C5=9Bcielnicki?= <mwk@0x04.net>
+Date: Thu, 21 Nov 2019 00:20:15 +0100
+Subject: [PATCH] rtld: Check __libc_enable_secure before honoring
+ LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]
+The problem was introduced in glibc 2.23, in commit
+b9eb92ab05204df772eb4929eccd018637c9f3e9
+("Add Prefer_MAP_32BIT_EXEC to map executable pages with MAP_32BIT").
+(cherry picked from commit d5dfad4326fc683c813df1e37bbf5cf920591c8e)
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=37c90e117310728a4ad1eb998c0bbe7d79c4a398]
+CVE: CVE-2019-19126
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+---
+diff --git a/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h b/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
+index 975cbe2..df2cdfd 100644
+--- a/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
+++ b/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
+@@ -31,7 +31,8 @@
+    environment variable, LD_PREFER_MAP_32BIT_EXEC.  */
+ #define EXTRA_LD_ENVVARS \
+   case 21:                                                               \
+-    if (memcmp (envline, "PREFER_MAP_32BIT_EXEC", 21) == 0)              \
+    if (!__libc_enable_secure                                            \
+       && memcmp (envline, "PREFER_MAP_32BIT_EXEC", 21) == 0)            \
+       GLRO(dl_x86_cpu_features).feature[index_arch_Prefer_MAP_32BIT_EXEC] \
+        |= bit_arch_Prefer_MAP_32BIT_EXEC;                                \
+     break;
+-- 
+2.9.3

diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-19126.patch b/meta/recipes-core/glibc/glibc/CVE-2019-19126.patch new file mode 100644 index 0000000000..aead04c485 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/CVE-2019-19126.patch
@@ -0,0 +1,32 @@
	1	From 37c90e117310728a4ad1eb998c0bbe7d79c4a398 Mon Sep 17 00:00:00 2001
	2	From: =?utf8?q?Marcin=20Ko=C5=9Bcielnicki?= <mwk@0x04.net>
	3	Date: Thu, 21 Nov 2019 00:20:15 +0100
	4	Subject: [PATCH] rtld: Check __libc_enable_secure before honoring
	5	LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]
	6
	7	The problem was introduced in glibc 2.23, in commit
	8	b9eb92ab05204df772eb4929eccd018637c9f3e9
	9	("Add Prefer_MAP_32BIT_EXEC to map executable pages with MAP_32BIT").
	10
	11	(cherry picked from commit d5dfad4326fc683c813df1e37bbf5cf920591c8e)
	12
	13	Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=37c90e117310728a4ad1eb998c0bbe7d79c4a398]
	14	CVE: CVE-2019-19126
	15	Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
	16	---
	17	diff --git a/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h b/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
	18	index 975cbe2..df2cdfd 100644
	19	--- a/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
	20	+++ b/sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h
	21	@@ -31,7 +31,8 @@
	22	environment variable, LD_PREFER_MAP_32BIT_EXEC. */
	23	#define EXTRA_LD_ENVVARS \
	24	case 21: \
	25	- if (memcmp (envline, "PREFER_MAP_32BIT_EXEC", 21) == 0) \
	26	+ if (!__libc_enable_secure \
	27	+ && memcmp (envline, "PREFER_MAP_32BIT_EXEC", 21) == 0) \
	28	GLRO(dl_x86_cpu_features).feature[index_arch_Prefer_MAP_32BIT_EXEC] \
	29	\|= bit_arch_Prefer_MAP_32BIT_EXEC; \
	30	break;
	31	--
	32	2.9.3