dmidecode: fix CVE-2023-30630 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2023-07-13 06:36:10 +0000
committer	Steve Sakoman <steve@sakoman.com>	2023-07-20 12:10:40 -1000
commit	4c0213759a71b5510b3221514530c4dae5458eb6 (patch)
tree	18cabcd5e0e64420cbd88fe440bc4b9379a02fa9 /scripts/lib/scriptutils.py
parent	02f174035101a78165c5c706f777944f448e6b69 (diff)
download	poky-4c0213759a71b5510b3221514530c4dae5458eb6.tar.gz

dmidecode: fix CVE-2023-30630

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. References: https://nvd.nist.gov/vuln/detail/CVE-2023-30630 https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html (From OE-Core rev: f92e59a0894145a828dc9ac74bf8c7a9355e0587) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/scriptutils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: