mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

samba: fix CVE-2022-41916

Browse Source 
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos.
Versions prior to 7.7.1 are vulnerable to a denial of service
vulnerability in Heimdal's PKI certificate validation library,
affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as
any third-party applications using Heimdal's libhx509. Users
should upgrade to Heimdal 7.7.1 or 7.8. There are no known
workarounds for this issue.

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-41916

Upstream patches:
https://github.com/heimdal/heimdal/commit/eb87af0c2d189c25294c7daf483a47b03af80c2c

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Polampalli, Archana
2023-06-16 12:20:24 +00:00
committed by Armin Kuster
parent 84544d6440
commit 0393024cc5
2 changed files with 39 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-connectivity/samba/samba/CVE-2022-41916.patch
+38
View File
@@ -0,0 +1,38 @@
From eb87af0c2d189c25294c7daf483a47b03af80c2c Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Wed, 17 Nov 2021 20:00:29 -0500
Subject: [PATCH] lib/wind: find_normalize read past end of array
find_normalize() can under some circumstances read one element
beyond the input array. The contents are discarded immediately
without further use.
This change prevents the unintended read.
(cherry picked from commit 357a38fc7fb582ae73f4b7f4a90a4b0b871b149e)
Change-Id: Ia2759a5632d64f7fa6553f879b5bbbf43ba3513e
Upstream-Status: Backport [https://github.com/heimdal/heimdal/commit/eb87af0c2d189c25294c7daf483a47b03af80c2c]
CVE: CVE-2022-41916
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
lib/wind/normalize.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/wind/normalize.c b/lib/wind/normalize.c
index 20e8a4a04b..8f3991d10e 100644
--- a/lib/wind/normalize.c
+++ b/lib/wind/normalize.c
@@ -227,9 +227,9 @@ find_composition(const uint32_t *in, unsigned in_len)
unsigned i;
if (n % 5 == 0) {
- cur = *in++;
if (in_len-- == 0)
return c->val;
+ cur = *in++;
}
i = cur >> 16;
meta-networking/recipes-connectivity/samba/samba_4.14.14.bb
+1
View File
@@ -31,6 +31,7 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \
file://CVE-2022-3437-0007.patch;patchdir=source4/heimdal \ file://CVE-2022-3437-0007.patch;patchdir=source4/heimdal \
file://CVE-2022-3437-0008.patch;patchdir=source4/heimdal \ file://CVE-2022-3437-0008.patch;patchdir=source4/heimdal \
file://CVE-2022-45142.patch;patchdir=source4/heimdal \ file://CVE-2022-45142.patch;patchdir=source4/heimdal \
file://CVE-2022-41916.patch;patchdir=source4/heimdal \
" "
SRC_URI:append:libc-musl = " \ SRC_URI:append:libc-musl = " \