summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGyorgy Sarvari <skandigraun@gmail.com>2025-11-30 21:35:05 +0100
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2025-12-03 10:31:31 +0530
commit138ac945d9bec1b2f375f8c19eb91205c7d8bc7e (patch)
treeb9abd5a07a4e6813cc2d959daafe9b3d014dde54
parent05fd7d83ff35c7d3f6b6decf3b9ab92ed6ad92f8 (diff)
downloadmeta-openembedded-138ac945d9bec1b2f375f8c19eb91205c7d8bc7e.tar.gz
yasm: patch CVE-2023-29579
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-29579 The patch was taken from Debian: https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/ Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit cc30757a7fd0af5f60b9a6408b3eb94c0810acda) Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
-rw-r--r--meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch39
-rw-r--r--meta-oe/recipes-devtools/yasm/yasm_git.bb3
2 files changed, 41 insertions, 1 deletions
diff --git a/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch
new file mode 100644
index 0000000000..58b4ed1996
--- /dev/null
+++ b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch
@@ -0,0 +1,39 @@
1From 81c1b7b0a28f052eaadddcb010944bf67e6ae257 Mon Sep 17 00:00:00 2001
2From: Gyorgy Sarvari <skandigraun@gmail.com>
3Date: Sat, 15 Nov 2025 13:24:21 +0100
4Subject: [PATCH] Make sure CPU feature parsing use large enough string buffer.
5 Fixes CVE-2023-29579.
6
7Author: Petter Reinholdtsen <pere@debian.org>
8Bug: https://github.com/yasm/yasm/issues/214
9Bug-Debian: https://bugs.debian.org/1035951
10Forwarded: https://github.com/yasm/yasm/issues/214
11Last-Update: 2025-04-30
12
13This patch is taken from Debian:
14https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/
15
16CVE: CVE-2023-29579
17Upstream-Status: Submitted [https://github.com/yasm/yasm/issues/214]
18
19Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
20---
21 modules/arch/x86/x86arch.c | 5 +++--
22 1 file changed, 3 insertions(+), 2 deletions(-)
23
24diff --git a/modules/arch/x86/x86arch.c b/modules/arch/x86/x86arch.c
25index bac11774..58327958 100644
26--- a/modules/arch/x86/x86arch.c
27+++ b/modules/arch/x86/x86arch.c
28@@ -165,8 +165,9 @@ x86_dir_cpu(yasm_object *object, yasm_valparamhead *valparams,
29 yasm_error_set(YASM_ERROR_SYNTAX,
30 N_("invalid argument to [%s]"), "CPU");
31 else {
32- char strcpu[16];
33- sprintf(strcpu, "%lu", yasm_intnum_get_uint(intcpu));
34+ char strcpu[21]; /* 21 = ceil(log10(LONG_MAX)+1) */
35+ assert(8*sizeof(unsigned long) <= 64);
36+ snprintf(strcpu, sizeof(strcpu), "%lu", yasm_intnum_get_uint(intcpu));
37 yasm_x86__parse_cpu(arch_x86, strcpu, strlen(strcpu));
38 }
39 } else
diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb
index 71d3c7e47e..bce62caadd 100644
--- a/meta-oe/recipes-devtools/yasm/yasm_git.bb
+++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb
@@ -17,7 +17,8 @@ SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \
17 file://0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch \ 17 file://0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch \
18 file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \ 18 file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \
19 file://CVE-2024-22653.patch \ 19 file://CVE-2024-22653.patch \
20" 20 file://CVE-2023-29579.patch \
21 "
21 22
22S = "${WORKDIR}/git" 23S = "${WORKDIR}/git"
23 24