From: Amaury Couderc <[email protected]> Signed-off-by: Amaury Couderc <[email protected]> --- .../gnutls/libtasn1/CVE-2025-13151.patch | 36 +++++++++++++++++++ .../recipes-support/gnutls/libtasn1_4.20.0.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch
diff --git a/meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch b/meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch new file mode 100644 index 0000000000..6ece045643 --- /dev/null +++ b/meta/recipes-support/gnutls/libtasn1/CVE-2025-13151.patch @@ -0,0 +1,36 @@ +From d6dbdff9a87e277c5c42adca935b32b5f99b464f Mon Sep 17 00:00:00 2001 +From: Vijay Sarvepalli <[email protected]> +Date: Mon, 12 Jan 2026 10:49:46 +0100 +Subject: [PATCH] CVE-2025-13151 + +Stack-based buffer overflow in libtasn1 version: v4.20.0. +The function fails to validate the size of input data +resulting in a buffer overflow in asn1_expend_octet_string. + +Fixes CVE-2025-13151 +CVE-2025-13151 + +Upstream-Status: Backport +[https://gitlab.com/gnutls/libtasn1/-/merge_requests/121/diffs?commit_id=305377bad9ab87f461a2adcbb056c424cd56d03a] + +Signed-off-by: Amaury Couderc <[email protected]> +--- + lib/decoding.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/decoding.c b/lib/decoding.c +index 1e0fcb3..abcb49f 100644 +--- a/lib/decoding.c ++++ b/lib/decoding.c +@@ -1983,7 +1983,7 @@ int + asn1_expand_octet_string (asn1_node_const definitions, asn1_node *element, + const char *octetName, const char *objectName) + { +- char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE]; ++ char name[2 * ASN1_MAX_NAME_SIZE + 2], value[ASN1_MAX_NAME_SIZE]; + int retCode = ASN1_SUCCESS, result; + int len, len2, len3; + asn1_node_const p2; +-- +2.43.0 + diff --git a/meta/recipes-support/gnutls/libtasn1_4.20.0.bb b/meta/recipes-support/gnutls/libtasn1_4.20.0.bb index 8127ba5b1d..bfc011a2f1 100644 --- a/meta/recipes-support/gnutls/libtasn1_4.20.0.bb +++ b/meta/recipes-support/gnutls/libtasn1_4.20.0.bb @@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \ SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ file://dont-depend-on-help2man.patch \ + file://CVE-2025-13151.patch \ " DEPENDS = "bison-native" -- 2.44.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#229210): https://lists.openembedded.org/g/openembedded-core/message/229210 Mute This Topic: https://lists.openembedded.org/mt/117225741/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
