Backport fix for CVE-2023-2602 and CVE-2023-2603
This commit is contained in:
parent
3d19cbc8ff
commit
8165150b10
34
0001-cap_alloc.c-fix-CVE-2023-2603.patch
Normal file
34
0001-cap_alloc.c-fix-CVE-2023-2603.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 59bae31a96003840c064573904a4041427df3890 Mon Sep 17 00:00:00 2001
|
||||
From: Carlos Rodriguez-Fernandez <carlosrodrifernandez@gmail.com>
|
||||
Date: Wed, 22 Nov 2023 07:53:36 -0700
|
||||
Subject: [PATCH 1/2] cap_alloc.c:fix CVE-2023-2603
|
||||
|
||||
---
|
||||
libcap/cap_alloc.c | 11 +++++++++--
|
||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/libcap/cap_alloc.c b/libcap/cap_alloc.c
|
||||
index 6dab4e6..7456d97 100644
|
||||
--- a/libcap/cap_alloc.c
|
||||
+++ b/libcap/cap_alloc.c
|
||||
@@ -81,8 +81,15 @@ char *_libcap_strdup(const char *old)
|
||||
errno = EINVAL;
|
||||
return NULL;
|
||||
}
|
||||
-
|
||||
- raw_data = malloc( sizeof(__u32) + strlen(old) + 1 );
|
||||
+ size_t len;
|
||||
+ len = strlen(old);
|
||||
+ if ((len & 0x3fffffff) != len) {
|
||||
+ _cap_debug("len is too long for libcap to manage");
|
||||
+ errno = EINVAL;
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ len += sizeof(__u32) + 1;
|
||||
+ raw_data = malloc(len);
|
||||
if (raw_data == NULL) {
|
||||
errno = ENOMEM;
|
||||
return NULL;
|
||||
--
|
||||
2.42.0
|
||||
|
25
0002-psx.c-fix-CVE-2023-2602.patch
Normal file
25
0002-psx.c-fix-CVE-2023-2602.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From 5abae730d176107642d5d24cc14f27595ca88a69 Mon Sep 17 00:00:00 2001
|
||||
From: Carlos Rodriguez-Fernandez <carlosrodrifernandez@gmail.com>
|
||||
Date: Wed, 22 Nov 2023 07:55:04 -0700
|
||||
Subject: [PATCH 2/2] psx.c:fix CVE-2023-2602
|
||||
|
||||
---
|
||||
psx/psx.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/psx/psx.c b/psx/psx.c
|
||||
index 4de3653..eec6db8 100644
|
||||
--- a/psx/psx.c
|
||||
+++ b/psx/psx.c
|
||||
@@ -478,7 +478,7 @@ int __wrap_pthread_create(pthread_t *thread, const pthread_attr_t *attr,
|
||||
pthread_sigmask(SIG_BLOCK, &sigbit, NULL);
|
||||
|
||||
int ret = __real_pthread_create(thread, attr, _psx_start_fn, starter);
|
||||
- if (ret == -1) {
|
||||
+ if (ret > 0) {
|
||||
psx_new_state(_PSX_CREATE, _PSX_IDLE);
|
||||
memset(starter, 0, sizeof(*starter));
|
||||
free(starter);
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,12 +1,14 @@
|
||||
Name: libcap
|
||||
Version: 2.48
|
||||
Release: 7%{?dist}
|
||||
Release: 8%{?dist}
|
||||
Summary: Library for getting and setting POSIX.1e capabilities
|
||||
URL: https://sites.google.com/site/fullycapable/
|
||||
License: BSD or GPLv2
|
||||
|
||||
Source: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/%{name}-%{version}.tar.gz
|
||||
Patch0: libcap-use-compiler-flag-options.patch
|
||||
Patch1: 0001-cap_alloc.c-fix-CVE-2023-2603.patch
|
||||
Patch2: 0002-psx.c-fix-CVE-2023-2602.patch
|
||||
|
||||
BuildRequires: libattr-devel pam-devel perl-interpreter gcc
|
||||
BuildRequires: make
|
||||
@ -83,6 +85,9 @@ chmod +x %{buildroot}/%{_libdir}/*.so.*
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Nov 22 2023 Carlos Rodriguez-Fernandez <carlosrodrifernandez@gmail.com> - 2.48-8
|
||||
- Backport fix for CVE-2023-2602 and CVE-2023-2603
|
||||
|
||||
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.48-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user