diff --git a/meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch b/meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch new file mode 100644 index 0000000000..671e91b616 --- /dev/null +++ b/meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch @@ -0,0 +1,29 @@ +From a39db41390de546d18962ee1278bd6dbb715f466 Mon Sep 17 00:00:00 2001 +From: Alexander Smorkalov +Date: Tue, 13 May 2025 08:56:14 +0300 +Subject: [PATCH] Cherry-pick OpenJPEG deconding status fix. + +CVE: CVE-2025-53644 + +Upstream-Status: Backport [https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466] + +Signed-off-by: Praveen Kumar +--- + 3rdparty/openjpeg/openjp2/jp2.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/3rdparty/openjpeg/openjp2/jp2.c b/3rdparty/openjpeg/openjp2/jp2.c +index 6015190e1f..ab868bd7c1 100644 +--- a/3rdparty/openjpeg/openjp2/jp2.c ++++ b/3rdparty/openjpeg/openjp2/jp2.c +@@ -2869,7 +2869,7 @@ OPJ_BOOL opj_jp2_read_header(opj_stream_private_t *p_stream, + p_image, + p_manager); + +- if (p_image && *p_image) { ++ if (ret && p_image && *p_image) { + /* Set Image Color Space */ + if (jp2->enumcs == 16) { + (*p_image)->color_space = OPJ_CLRSPC_SRGB; +-- +2.40.0 diff --git a/meta-oe/recipes-support/opencv/opencv_4.11.0.bb b/meta-oe/recipes-support/opencv/opencv_4.11.0.bb index 61dc681a39..22760551aa 100644 --- a/meta-oe/recipes-support/opencv/opencv_4.11.0.bb +++ b/meta-oe/recipes-support/opencv/opencv_4.11.0.bb @@ -35,6 +35,7 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=4.x;protocol=ht file://0008-Do-not-embed-build-directory-in-binaries.patch \ file://0001-core-fixed-VSX-intrinsics-implementation.patch \ file://0001-FROMLIST-Switch-to-static-instance-of-FastCV-on-Linux.patch \ + file://CVE-2025-53644.patch \ " SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=contrib"