Hi Ashish, We already have a fix for this CVE in kirkstone:
https://git.yoctoproject.org/poky/commit/?h=kirkstone&id=e8eab4241593cc93da7dd24ad7a188bbf1866413 Thanks! Steve On Wed, May 3, 2023 at 3:47 PM Ashish Sharma <[email protected]> wrote: > > ChangeID: 2bfa88cb752792ddc37f700f87a896331bb12c95 > > CVE: CVE-2023-29383 > shadow: Improper input validation in shadow-utils package utility > chfn > > Signed-off-by: Ashish Sharma <[email protected]> > --- > .../shadow/files/CVE-2023-29383.patch | 46 +++++++++++++++++++ > meta/recipes-extended/shadow/shadow.inc | 1 + > 2 files changed, 47 insertions(+) > create mode 100644 meta/recipes-extended/shadow/files/CVE-2023-29383.patch > > diff --git a/meta/recipes-extended/shadow/files/CVE-2023-29383.patch > b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch > new file mode 100644 > index 00000000000..49e62d4e429 > --- /dev/null > +++ b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch > @@ -0,0 +1,46 @@ > +From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001 > +From: tomspiderlabs <[email protected]> > +Date: Thu, 23 Mar 2023 23:39:38 +0000 > +Subject: [PATCH] Added control character check > + > +Added control character check, returning -1 (to "err") if control characters > are present. > +--- > +Upstream-Status: Backport > [https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d] > +CVE: CVE-2023-29383 > +Signed-off-by: Ashish Sharma <[email protected]> > + > + lib/fields.c | 11 +++++++---- > + 1 file changed, 7 insertions(+), 4 deletions(-) > + > +diff --git a/lib/fields.c b/lib/fields.c > +index 640be931f..fb51b5829 100644 > +--- a/lib/fields.c > ++++ b/lib/fields.c > +@@ -21,9 +21,9 @@ > + * > + * The supplied field is scanned for non-printable and other illegal > + * characters. > +- * + -1 is returned if an illegal character is present. > +- * + 1 is returned if no illegal characters are present, but the field > +- * contains a non-printable character. > ++ * + -1 is returned if an illegal or control character is present. > ++ * + 1 is returned if no illegal or control characters are present, > ++ * but the field contains a non-printable character. > + * + 0 is returned otherwise. > + */ > + int valid_field (const char *field, const char *illegal) > +@@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal) > + } > + > + if (0 == err) { > +- /* Search if there are some non-printable characters */ > ++ /* Search if there are non-printable or control characters */ > + for (cp = field; '\0' != *cp; cp++) { > + if (!isprint (*cp)) { > + err = 1; > ++ } > ++ if (!iscntrl (*cp)) { > ++ err = -1; > + break; > + } > + } > diff --git a/meta/recipes-extended/shadow/shadow.inc > b/meta/recipes-extended/shadow/shadow.inc > index 5106b955719..72891d022fe 100644 > --- a/meta/recipes-extended/shadow/shadow.inc > +++ b/meta/recipes-extended/shadow/shadow.inc > @@ -16,6 +16,7 @@ SRC_URI = > "https://github.com/shadow-maint/shadow/releases/download/v${PV}/${BP} > ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', > '', d)} \ > file://shadow-relaxed-usernames.patch \ > file://useradd \ > + file://CVE-2023-29383.patch \ > " > > SRC_URI:append:class-target = " \ > -- > 2.35.7 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#180876): https://lists.openembedded.org/g/openembedded-core/message/180876 Mute This Topic: https://lists.openembedded.org/mt/98675950/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
