mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
xrdp: patch CVE-2023-40184
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-40184 Pick the patch that is associated with the github advisory[1], which is a backported version of the patch that is referenced by the nvd report. [1]: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-f489-557v-47jq Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
committed by
Anuj Mittal
parent
f81041bb39
commit
259e4f9266
@@ -0,0 +1,73 @@
|
|||||||
|
From 322d11b431e4773f77aaeb764571a3a8d60f9fca Mon Sep 17 00:00:00 2001
|
||||||
|
From: matt335672 <30179339+matt335672@users.noreply.github.com>
|
||||||
|
Date: Sat, 19 Aug 2023 13:26:44 +0100
|
||||||
|
Subject: [PATCH] [v0.9] Check auth_start_session() result
|
||||||
|
|
||||||
|
CVE: CVE-2023-40184
|
||||||
|
Upstream-Status: Backport [https://github.com/neutrinolabs/xrdp/commit/8c5b7cdff3929dc59c5f13e33cec839ed45d1c34]
|
||||||
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||||
|
---
|
||||||
|
sesman/session.c | 7 ++++++-
|
||||||
|
sesman/verify_user_pam.c | 24 ++++++++++++++++++++++--
|
||||||
|
2 files changed, 28 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index 441f8d3a60..d352f5e859 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -526,7 +526,12 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
g_delete_wait_obj(g_sigchld_event);
|
||||||
|
g_delete_wait_obj(g_term_event);
|
||||||
|
|
||||||
|
- auth_start_session(data, display);
|
||||||
|
+ if (auth_start_session(data, display) != 0)
|
||||||
|
+ {
|
||||||
|
+ // Errors are logged by the auth module, as they are
|
||||||
|
+ // specific to that module
|
||||||
|
+ g_exit(1);
|
||||||
|
+ }
|
||||||
|
sesman_close_all();
|
||||||
|
g_sprintf(geometry, "%dx%d", s->width, s->height);
|
||||||
|
g_sprintf(depth, "%d", s->bpp);
|
||||||
|
diff --git a/sesman/verify_user_pam.c b/sesman/verify_user_pam.c
|
||||||
|
index a34d83cd7d..ed17397fc3 100644
|
||||||
|
--- a/sesman/verify_user_pam.c
|
||||||
|
+++ b/sesman/verify_user_pam.c
|
||||||
|
@@ -316,8 +316,8 @@ auth_userpass(const char *user, const char *pass, int *errorcode)
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
/* returns error */
|
||||||
|
-int
|
||||||
|
-auth_start_session(long in_val, int in_display)
|
||||||
|
+static int
|
||||||
|
+auth_start_session_private(long in_val, int in_display)
|
||||||
|
{
|
||||||
|
struct t_auth_info *auth_info;
|
||||||
|
int error;
|
||||||
|
@@ -357,6 +357,26 @@ auth_start_session(long in_val, int in_display)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/******************************************************************************/
|
||||||
|
+/**
|
||||||
|
+ * Main routine to start a session
|
||||||
|
+ *
|
||||||
|
+ * Calls the private routine and logs an additional error if the private
|
||||||
|
+ * routine fails
|
||||||
|
+ */
|
||||||
|
+int
|
||||||
|
+auth_start_session(long in_val, int in_display)
|
||||||
|
+{
|
||||||
|
+ int result = auth_start_session_private(in_val, in_display);
|
||||||
|
+ if (result != 0)
|
||||||
|
+ {
|
||||||
|
+ LOG(LOG_LEVEL_ERROR,
|
||||||
|
+ "Can't start PAM session. See PAM logging for more info");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return result;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/******************************************************************************/
|
||||||
|
/* returns error */
|
||||||
|
int
|
||||||
@@ -27,6 +27,7 @@ SRC_URI = "https://github.com/neutrinolabs/${BPN}/releases/download/v${PV}/${BPN
|
|||||||
file://CVE-2022-23483.patch \
|
file://CVE-2022-23483.patch \
|
||||||
file://CVE-2022-23484.patch \
|
file://CVE-2022-23484.patch \
|
||||||
file://CVE-2022-23493.patch \
|
file://CVE-2022-23493.patch \
|
||||||
|
file://CVE-2023-40184.patch \
|
||||||
"
|
"
|
||||||
|
|
||||||
SRC_URI[sha256sum] = "db693401da95b71b4d4e4c99aeb569a546dbdbde343f6d3302b0c47653277abb"
|
SRC_URI[sha256sum] = "db693401da95b71b4d4e4c99aeb569a546dbdbde343f6d3302b0c47653277abb"
|
||||||
|
|||||||
Reference in New Issue
Block a user