mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

unbound: patch CVE-2024-43167

Browse Source 
Details https://nvd.nist.gov/vuln/detail/CVE-2024-43167

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Ankur Tyagi
2025-12-16 12:45:34 +05:30
committed by Anuj Mittal
parent 0d9da11052
commit 1876b4656d
2 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-support/unbound/unbound/CVE-2024-43167.patch
+46
View File
@@ -0,0 +1,46 @@
From 81b41525fd07660f60ccca0378d1e1650d0b45b7 Mon Sep 17 00:00:00 2001
From: zhailiangliang <zhailiangliang@loongson.cn>
Date: Tue, 21 May 2024 08:40:16 +0000
Subject: [PATCH] fix null pointer dereference issue in function ub_ctx_set_fwd
of file libunbound/libunbound.c
CVE: CVE-2024-43167
Upstream-Status: Backport [https://github.com/NLnetLabs/unbound/commit/8e43e2574c4e02f79c562a061581cdcefe136912]
(cherry picked from commit 8e43e2574c4e02f79c562a061581cdcefe136912)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
libunbound/libunbound.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c
index 80a82bb4..c52114d9 100644
--- a/libunbound/libunbound.c
+++ b/libunbound/libunbound.c
@@ -976,7 +976,8 @@ ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr)
if(!addr) {
/* disable fwd mode - the root stub should be first. */
if(ctx->env->cfg->forwards &&
- strcmp(ctx->env->cfg->forwards->name, ".") == 0) {
+ (ctx->env->cfg->forwards->name &&
+ strcmp(ctx->env->cfg->forwards->name, ".") == 0)) {
s = ctx->env->cfg->forwards;
ctx->env->cfg->forwards = s->next;
s->next = NULL;
@@ -996,7 +997,8 @@ ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr)
/* it parses, add root stub in front of list */
lock_basic_lock(&ctx->cfglock);
if(!ctx->env->cfg->forwards ||
- strcmp(ctx->env->cfg->forwards->name, ".") != 0) {
+ (ctx->env->cfg->forwards->name &&
+ strcmp(ctx->env->cfg->forwards->name, ".") != 0)) {
s = calloc(1, sizeof(*s));
if(!s) {
lock_basic_unlock(&ctx->cfglock);
@@ -1014,6 +1016,7 @@ ub_ctx_set_fwd(struct ub_ctx* ctx, const char* addr)
ctx->env->cfg->forwards = s;
} else {
log_assert(ctx->env->cfg->forwards);
+ log_assert(ctx->env->cfg->forwards->name);
s = ctx->env->cfg->forwards;
}
dupl = strdup(addr);
meta-networking/recipes-support/unbound/unbound_1.19.3.bb
+1
View File
@@ -13,6 +13,7 @@ SRC_URI = "git://github.com/NLnetLabs/unbound.git;protocol=https;nobranch=1 \
file://CVE-2024-8508.patch \
file://CVE-2024-33655.patch \
file://CVE-2025-11411.patch \
file://CVE-2024-43167.patch \
"
SRCREV = "48b6c60a24e9a5d6d369a7a37c9fe2a767f26abd"