summaryrefslogtreecommitdiffstats
path: root/meta-networking
diff options
context:
space:
mode:
authorAnkur Tyagi <ankur.tyagi85@gmail.com>2025-12-24 13:19:28 +0530
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2025-12-30 07:08:13 +0530
commit3750ce0e75c189bf6ae0c27cb77c93b0b994bc42 (patch)
tree41b314357fa63514944aa5668f8a6aa40ac55c88 /meta-networking
parent50906d9169dc8055acd279706357d13c8f38c102 (diff)
downloadmeta-openembedded-3750ce0e75c189bf6ae0c27cb77c93b0b994bc42.tar.gz
libiec61850: patch CVE-2024-45969
Details https://nvd.nist.gov/vuln/detail/CVE-2024-45969 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-networking')
-rw-r--r--meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch32
-rw-r--r--meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb1
2 files changed, 33 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch b/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch
new file mode 100644
index 0000000000..99caab9cf1
--- /dev/null
+++ b/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch
@@ -0,0 +1,32 @@
1From 9dfac54daace18d3d3b0ef09d8beecc562e29c1d Mon Sep 17 00:00:00 2001
2From: Michael Zillgith <michael.zillgith@mz-automation.de>
3Date: Wed, 27 Mar 2024 12:26:58 +0000
4Subject: [PATCH] - ACSE: added check for minimum message size (LIB61850-438)
5
6CVE: CVE-2024-45969
7Upstream-Status: Backport [https://github.com/mz-automation/libiec61850/commit/7afa40390b26ad1f4cf93deaa0052fe7e357ef33]
8(cherry picked from commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33)
9Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
10---
11 src/mms/iso_acse/acse.c | 8 ++++++++
12 1 file changed, 8 insertions(+)
13
14diff --git a/src/mms/iso_acse/acse.c b/src/mms/iso_acse/acse.c
15index f46b024d..40ecafe0 100644
16--- a/src/mms/iso_acse/acse.c
17+++ b/src/mms/iso_acse/acse.c
18@@ -420,6 +420,14 @@ AcseConnection_parseMessage(AcseConnection* self, ByteBuffer* message)
19 {
20 AcseIndication indication = ACSE_ERROR;
21
22+ if (message == NULL || message->size < 1)
23+ {
24+ if (DEBUG_ACSE)
25+ printf("ACSE: invalid message - no payload\n");
26+
27+ return ACSE_ERROR;
28+ }
29+
30 uint8_t* buffer = message->buffer;
31
32 int messageSize = message->size;
diff --git a/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb b/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb
index 20dd447c7e..ea8c16e3dc 100644
--- a/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb
+++ b/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb
@@ -21,6 +21,7 @@ SRC_URI = "git://github.com/mz-automation/${BPN}.git;branch=v1.5;protocol=https
21 file://CVE-2024-26529.patch \ 21 file://CVE-2024-26529.patch \
22 file://CVE-2024-45970.patch \ 22 file://CVE-2024-45970.patch \
23 file://CVE-2024-45971.patch \ 23 file://CVE-2024-45971.patch \
24 file://CVE-2024-45969.patch \
24" 25"
25 26
26S = "${WORKDIR}/git" 27S = "${WORKDIR}/git"