diff options
| author | Yogita Urade <yogita.urade@windriver.com> | 2023-07-28 10:01:09 +0000 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-08-02 04:47:13 -1000 |
| commit | f4c5d9a3a6ee2d974e55aec4b1602a368dbacf72 (patch) | |
| tree | f3719c3422c6bdbab14556ecdb08438729e58b64 /meta/recipes-devtools/dmidecode/dmidecode_3.3.bb | |
| parent | e01d123ba1d23d9f5933cf6c30104eefaf74d375 (diff) | |
| download | poky-f4c5d9a3a6ee2d974e55aec4b1602a368dbacf72.tar.gz | |
dmidecode: fix CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file.
This has security relevance because, for example, execution of
Dmidecode via Sudo is plausible.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-30630
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html
Backport: fixes fuzz in the CVE-2023-30630_2.patch in kirkstone
(From OE-Core rev: 4f83427a0a01e8285c9eb42d2a635d1ff7b23779)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit f92e59a0894145a828dc9ac74bf8c7a9355e0587)
Signed-off-by: Dhairya Nagodra <dnagodra@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/dmidecode/dmidecode_3.3.bb')
| -rw-r--r-- | meta/recipes-devtools/dmidecode/dmidecode_3.3.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-devtools/dmidecode/dmidecode_3.3.bb b/meta/recipes-devtools/dmidecode/dmidecode_3.3.bb index 23540b2703..b99c2ea99d 100644 --- a/meta/recipes-devtools/dmidecode/dmidecode_3.3.bb +++ b/meta/recipes-devtools/dmidecode/dmidecode_3.3.bb | |||
| @@ -6,6 +6,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" | |||
| 6 | 6 | ||
| 7 | SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/dmidecode/${BP}.tar.xz \ | 7 | SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/dmidecode/${BP}.tar.xz \ |
| 8 | file://0001-Committing-changes-from-do_unpack_extra.patch \ | 8 | file://0001-Committing-changes-from-do_unpack_extra.patch \ |
| 9 | file://CVE-2023-30630_1.patch \ | ||
| 10 | file://CVE-2023-30630_2.patch \ | ||
| 11 | file://CVE-2023-30630_3.patch \ | ||
| 12 | file://CVE-2023-30630_4.patch \ | ||
| 9 | " | 13 | " |
| 10 | 14 | ||
| 11 | COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm|powerpc|powerpc64).*-linux" | 15 | COMPATIBLE_HOST = "(i.86|x86_64|aarch64|arm|powerpc|powerpc64).*-linux" |
