Details: https://nvd.nist.gov/vuln/detail/CVE-2022-1253
Pick the patch from the nvd report. The patch is only partially backported, because part of the vulnerable code was introuced only in a later version. Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../libde265/libde265/CVE-2022-1253.patch | 34 +++++++++++++++++++ .../libde265/libde265_1.0.5.bb | 4 ++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2022-1253.patch diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2022-1253.patch b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2022-1253.patch new file mode 100644 index 0000000000..57c86101fe --- /dev/null +++ b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2022-1253.patch @@ -0,0 +1,34 @@ +From 4dcc28a63e12a6cc8b99bc8e96c5c764fc7a8f1d Mon Sep 17 00:00:00 2001 +From: Dirk Farin <[email protected]> +Date: Tue, 5 Apr 2022 09:52:57 +0200 +Subject: [PATCH] error on out-of-range cpb_cnt_minus1 (oss-fuzz issue 27590) + +CVE: CVE-2022-1253 +Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8] + +This is a partial backport of the linked commit. The vulnerability impacted +two parts of the code, however one part, which deals with HRD parameters +was only introduced in a later version (1.0.8), and is not present in +the Kirkstone version yet (1.0.5). + +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + libde265/sps.cc | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libde265/sps.cc b/libde265/sps.cc +index 476cdbb..37bde7b 100644 +--- a/libde265/sps.cc ++++ b/libde265/sps.cc +@@ -425,7 +425,10 @@ de265_error seq_parameter_set::read(error_queue* errqueue, bitreader* br) + + vui_parameters_present_flag = get_bits(br,1); + if (vui_parameters_present_flag) { +- vui.read(errqueue, br, this); ++ de265_error err = vui.read(errqueue, br, this); ++ if (err) { ++ return err; ++ } + } + + diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.5.bb b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.5.bb index d0ecd04f16..a9d5523bb5 100644 --- a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.5.bb +++ b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.5.bb @@ -8,7 +8,9 @@ LICENSE = "LGPL-3.0-only & MIT" LICENSE_FLAGS = "commercial" LIC_FILES_CHKSUM = "file://COPYING;md5=695b556799abb2435c97a113cdca512f" -SRC_URI = "https://github.com/strukturag/libde265/releases/download/v${PV}/${BPN}-${PV}.tar.gz"; +SRC_URI = "https://github.com/strukturag/libde265/releases/download/v${PV}/${BPN}-${PV}.tar.gz \ + file://CVE-2022-1253.patch \ + " SRC_URI[sha256sum] = "e3f277d8903408615a5cc34718b391b83c97c646faea4f41da93bac5ee08a87f" EXTRA_OECONF = "--disable-sherlock265 --disable-dec265"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122133): https://lists.openembedded.org/g/openembedded-devel/message/122133 Mute This Topic: https://lists.openembedded.org/mt/116518431/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
