From: Ashish Sharma <asha...@mvista.com>

Upstream-Status: Backport from 
[https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/patch/?id=7d374a1869d3a84971d027a7f4233878c8f25a62]
CVE: CVE-2023-28938
Signed-off-by: Ashish Sharma <asha...@mvista.com>
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
 .../mdadm/files/CVE-2023-28938.patch          | 80 +++++++++++++++++++
 meta/recipes-extended/mdadm/mdadm_4.1.bb      |  1 +
 2 files changed, 81 insertions(+)
 create mode 100644 meta/recipes-extended/mdadm/files/CVE-2023-28938.patch

diff --git a/meta/recipes-extended/mdadm/files/CVE-2023-28938.patch 
b/meta/recipes-extended/mdadm/files/CVE-2023-28938.patch
new file mode 100644
index 0000000000..1e2990d79a
--- /dev/null
+++ b/meta/recipes-extended/mdadm/files/CVE-2023-28938.patch
@@ -0,0 +1,80 @@
+From 7d374a1869d3a84971d027a7f4233878c8f25a62 Mon Sep 17 00:00:00 2001
+From: Mateusz Grzonka <mateusz.grzo...@intel.com>
+Date: Tue, 27 Jul 2021 10:25:18 +0200
+Subject: Fix memory leak after "mdadm --detail"
+
+Signed-off-by: Mateusz Grzonka <mateusz.grzo...@intel.com>
+Signed-off-by: Jes Sorensen <jsoren...@fb.com>
+---
+Upstream-Status: Backport from 
[https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git/patch/?id=7d374a1869d3a84971d027a7f4233878c8f25a62]
+CVE: CVE-2023-28938
+Signed-off-by: Ashish Sharma <asha...@mvista.com>
+ 
+ Detail.c | 20 +++++++++-----------
+ 1 file changed, 9 insertions(+), 11 deletions(-)
+
+diff --git a/Detail.c b/Detail.c
+index ad56344f..d3af0ab5 100644
+--- a/Detail.c
++++ b/Detail.c
+@@ -66,11 +66,11 @@ int Detail(char *dev, struct context *c)
+       int spares = 0;
+       struct stat stb;
+       int failed = 0;
+-      struct supertype *st;
++      struct supertype *st = NULL;
+       char *subarray = NULL;
+       int max_disks = MD_SB_DISKS; /* just a default */
+       struct mdinfo *info = NULL;
+-      struct mdinfo *sra;
++      struct mdinfo *sra = NULL;
+       struct mdinfo *subdev;
+       char *member = NULL;
+       char *container = NULL;
+@@ -93,8 +93,7 @@ int Detail(char *dev, struct context *c)
+       if (!sra) {
+               if (md_get_array_info(fd, &array)) {
+                       pr_err("%s does not appear to be an md device\n", dev);
+-                      close(fd);
+-                      return rv;
++                      goto out;
+               }
+       }
+       external = (sra != NULL && sra->array.major_version == -1 &&
+@@ -108,16 +107,13 @@ int Detail(char *dev, struct context *c)
+                           sra->devs == NULL) {
+                               pr_err("Array associated with md device %s does 
not exist.\n",
+                                      dev);
+-                              close(fd);
+-                              sysfs_free(sra);
+-                              return rv;
++                              goto out;
+                       }
+                       array = sra->array;
+               } else {
+                       pr_err("cannot get array detail for %s: %s\n",
+                              dev, strerror(errno));
+-                      close(fd);
+-                      return rv;
++                      goto out;
+               }
+       }
+ 
+@@ -827,10 +823,12 @@ out:
+       close(fd);
+       free(subarray);
+       free(avail);
+-      for (d = 0; d < n_devices; d++)
+-              free(devices[d]);
++      if (devices)
++              for (d = 0; d < n_devices; d++)
++                      free(devices[d]);
+       free(devices);
+       sysfs_free(sra);
++      free(st);
+       return rv;
+ }
+ 
+-- 
+cgit 
+
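Review bot: The three early exits converted to `goto out` now run the whole cleanup tail, so every pointer released there must be initialised before the first jump. The patch does this for `st` and `sra`, but `avail`, `devices` and `n_devices` are declared outside the visible hunks and should be checked against the 4.1 sources this backport applies to. The added `free(st)` releases only the supertype struct itself; if any path can reach `out:` with superblock data still attached to `st`, that data would presumably still leak, which needs confirming against the rest of Detail(), not shown here. A short comment above the label, such as `/* all error paths land here; every pointer freed below must be NULL-initialised at declaration */`, would help keep later edits from reintroducing a free of an uninitialised pointer.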
diff --git a/meta/recipes-extended/mdadm/mdadm_4.1.bb 
b/meta/recipes-extended/mdadm/mdadm_4.1.bb
index 5238a41df2..ca326fd1cb 100644
--- a/meta/recipes-extended/mdadm/mdadm_4.1.bb
+++ b/meta/recipes-extended/mdadm/mdadm_4.1.bb
@@ -25,6 +25,7 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \
            file://include_sysmacros.patch \
            file://0001-mdadm-skip-test-11spare-migration.patch \
            file://CVE-2023-28736.patch \
+           file://CVE-2023-28938.patch \
            "
 
 SRC_URI[md5sum] = "51bf3651bd73a06c413a2f964f299598"
-- 
2.34.1
