diff options
| author | Nitin Wankhade <nitin.wankhade@kpit.com> | 2025-09-22 09:00:34 +0530 |
|---|---|---|
| committer | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-09-26 15:01:57 +0200 |
| commit | bfa5f662db7c35d46afb4e57fae5aabd6cf8189e (patch) | |
| tree | 467a6f0adc12e9e6127b962aef20dc98bbad923a | |
| parent | 4c10114c6624804c5e4ce2b04e51c7ffe4f879f8 (diff) | |
| download | meta-openembedded-bfa5f662db7c35d46afb4e57fae5aabd6cf8189e.tar.gz | |
iperf3: Fix CVE-2025-54350
remove assert to prevent crash due to assertion failure
on malformed authentication attempt
Reference: https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a
Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
| -rw-r--r-- | meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch | 25 | ||||
| -rw-r--r-- | meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb | 1 |
2 files changed, 26 insertions, 0 deletions
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch new file mode 100644 index 0000000000..c02d9ec0a3 --- /dev/null +++ b/meta-oe/recipes-benchmark/iperf3/iperf3/CVE-2025-54350.patch | |||
| @@ -0,0 +1,25 @@ | |||
| 1 | Subject: [PATCH] iperf3: Fix CVE-2025-54350 | ||
| 2 | |||
| 3 | CVE: CVE-2025-54350 | ||
| 4 | Upstream-Status: Backport [https://github.com/esnet/iperf/commit/4eab661da0bbaac04493fa40164e928c6df7934a] | ||
| 5 | Comment: Patch is refreshed as per codebase of 3.14 | ||
| 6 | Signed-off-by: Nitin Wankhade <nitin.wankhade333@gmail.com> | ||
| 7 | --- | ||
| 8 | --- a/src/iperf_auth.c 2025-08-19 12:02:47.706337000 +0530 | ||
| 9 | +++ b/src/iperf_auth.c 2025-08-19 13:16:01.653471517 +0530 | ||
| 10 | @@ -28,7 +28,6 @@ | ||
| 11 | #include "iperf_config.h" | ||
| 12 | |||
| 13 | #include <string.h> | ||
| 14 | -#include <assert.h> | ||
| 15 | #include <time.h> | ||
| 16 | #include <sys/types.h> | ||
| 17 | /* FreeBSD needs _WITH_GETLINE to enable the getline() declaration */ | ||
| 18 | @@ -150,7 +149,6 @@ | ||
| 19 | |||
| 20 | BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); //Do not use newlines to flush buffer | ||
| 21 | *length = BIO_read(bio, *buffer, strlen(b64message)); | ||
| 22 | - assert(*length == decodeLen); //length should equal decodeLen, else something went horribly wrong | ||
| 23 | BIO_free_all(bio); | ||
| 24 | |||
| 25 | return (0); //success | ||
diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb b/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb index d181eb3b02..41f336a11f 100644 --- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb +++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb | |||
| @@ -16,6 +16,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=dc6301c8256ceb8f71c9e3c2ae9096b9" | |||
| 16 | SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \ | 16 | SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \ |
| 17 | file://0002-Remove-pg-from-profile_CFLAGS.patch \ | 17 | file://0002-Remove-pg-from-profile_CFLAGS.patch \ |
| 18 | file://0001-configure.ac-check-for-CPP-prog.patch \ | 18 | file://0001-configure.ac-check-for-CPP-prog.patch \ |
| 19 | file://CVE-2025-54350.patch \ | ||
| 19 | " | 20 | " |
| 20 | 21 | ||
| 21 | SRCREV = "a0be85934144bc04712a6695b14ea6e45c379e1d" | 22 | SRCREV = "a0be85934144bc04712a6695b14ea6e45c379e1d" |