diff options
| author | Ankur Tyagi <ankur.tyagi85@gmail.com> | 2025-12-24 13:19:28 +0530 |
|---|---|---|
| committer | Anuj Mittal <anuj.mittal@oss.qualcomm.com> | 2025-12-30 07:08:13 +0530 |
| commit | 3750ce0e75c189bf6ae0c27cb77c93b0b994bc42 (patch) | |
| tree | 41b314357fa63514944aa5668f8a6aa40ac55c88 /meta-networking | |
| parent | 50906d9169dc8055acd279706357d13c8f38c102 (diff) | |
| download | meta-openembedded-3750ce0e75c189bf6ae0c27cb77c93b0b994bc42.tar.gz | |
libiec61850: patch CVE-2024-45969
Details https://nvd.nist.gov/vuln/detail/CVE-2024-45969
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-networking')
| -rw-r--r-- | meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch | 32 | ||||
| -rw-r--r-- | meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb | 1 |
2 files changed, 33 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch b/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch new file mode 100644 index 0000000000..99caab9cf1 --- /dev/null +++ b/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch | |||
| @@ -0,0 +1,32 @@ | |||
| 1 | From 9dfac54daace18d3d3b0ef09d8beecc562e29c1d Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Michael Zillgith <michael.zillgith@mz-automation.de> | ||
| 3 | Date: Wed, 27 Mar 2024 12:26:58 +0000 | ||
| 4 | Subject: [PATCH] - ACSE: added check for minimum message size (LIB61850-438) | ||
| 5 | |||
| 6 | CVE: CVE-2024-45969 | ||
| 7 | Upstream-Status: Backport [https://github.com/mz-automation/libiec61850/commit/7afa40390b26ad1f4cf93deaa0052fe7e357ef33] | ||
| 8 | (cherry picked from commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33) | ||
| 9 | Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> | ||
| 10 | --- | ||
| 11 | src/mms/iso_acse/acse.c | 8 ++++++++ | ||
| 12 | 1 file changed, 8 insertions(+) | ||
| 13 | |||
| 14 | diff --git a/src/mms/iso_acse/acse.c b/src/mms/iso_acse/acse.c | ||
| 15 | index f46b024d..40ecafe0 100644 | ||
| 16 | --- a/src/mms/iso_acse/acse.c | ||
| 17 | +++ b/src/mms/iso_acse/acse.c | ||
| 18 | @@ -420,6 +420,14 @@ AcseConnection_parseMessage(AcseConnection* self, ByteBuffer* message) | ||
| 19 | { | ||
| 20 | AcseIndication indication = ACSE_ERROR; | ||
| 21 | |||
| 22 | + if (message == NULL || message->size < 1) | ||
| 23 | + { | ||
| 24 | + if (DEBUG_ACSE) | ||
| 25 | + printf("ACSE: invalid message - no payload\n"); | ||
| 26 | + | ||
| 27 | + return ACSE_ERROR; | ||
| 28 | + } | ||
| 29 | + | ||
| 30 | uint8_t* buffer = message->buffer; | ||
| 31 | |||
| 32 | int messageSize = message->size; | ||
diff --git a/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb b/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb index 20dd447c7e..ea8c16e3dc 100644 --- a/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb +++ b/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb | |||
| @@ -21,6 +21,7 @@ SRC_URI = "git://github.com/mz-automation/${BPN}.git;branch=v1.5;protocol=https | |||
| 21 | file://CVE-2024-26529.patch \ | 21 | file://CVE-2024-26529.patch \ |
| 22 | file://CVE-2024-45970.patch \ | 22 | file://CVE-2024-45970.patch \ |
| 23 | file://CVE-2024-45971.patch \ | 23 | file://CVE-2024-45971.patch \ |
| 24 | file://CVE-2024-45969.patch \ | ||
| 24 | " | 25 | " |
| 25 | 26 | ||
| 26 | S = "${WORKDIR}/git" | 27 | S = "${WORKDIR}/git" |
