Details: https://nvd.nist.gov/vuln/detail/CVE-2025-49809
Pick the patch mentioned in the NVD report. Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../mtr/mtr/CVE-2025-49809.patch | 38 +++++++++++++++++++ .../recipes-support/mtr/mtr_0.95.bb | 4 +- 2 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 meta-networking/recipes-support/mtr/mtr/CVE-2025-49809.patch diff --git a/meta-networking/recipes-support/mtr/mtr/CVE-2025-49809.patch b/meta-networking/recipes-support/mtr/mtr/CVE-2025-49809.patch new file mode 100644 index 0000000000..1f8ac4aeb9 --- /dev/null +++ b/meta-networking/recipes-support/mtr/mtr/CVE-2025-49809.patch @@ -0,0 +1,38 @@ +From 5eefb172ef1ab9e46d79c6bae60dbe7983c9f704 Mon Sep 17 00:00:00 2001 +From: "R.E. Wolff" <[email protected]> +Date: Sun, 29 Jun 2025 14:06:00 +0200 +Subject: [PATCH] Added protection against use of MTR_PACKET under special + circumstances + +CVE: CVE-2025-49809 +Upstream-Status: Backport [https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + ui/cmdpipe.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/ui/cmdpipe.c b/ui/cmdpipe.c +index d22b236..1a66293 100644 +--- a/ui/cmdpipe.c ++++ b/ui/cmdpipe.c +@@ -220,10 +220,17 @@ void execute_packet_child( + the path to the mtr-packet executable. This is necessary + for debugging changes for mtr-packet. + */ +- char *mtr_packet_path = getenv("MTR_PACKET"); +- if (mtr_packet_path == NULL) { ++ char * mtr_packet_path = NULL; ++ ++ // In the rare case that mtr-packet is not setuid-root, ++ // and a select group of users has sudo privileges to run ++ // mtr and not much else, THEN create /etc/mtr.is.run.under.sudo ++ // to prevent a privilege escalation when one of those accounts ++ // is compromised. CVE-2025-49809 ++ if (access ("/etc/mtr.is.run.under.sudo", F_OK) != 0) ++ mtr_packet_path = getenv("MTR_PACKET"); ++ if (mtr_packet_path == NULL) + mtr_packet_path = "mtr-packet"; +- } + + /* + First, try to execute mtr-packet from PATH diff --git a/meta-networking/recipes-support/mtr/mtr_0.95.bb b/meta-networking/recipes-support/mtr/mtr_0.95.bb index 92f9c4bfc0..8c385ae46a 100644 --- a/meta-networking/recipes-support/mtr/mtr_0.95.bb +++ b/meta-networking/recipes-support/mtr/mtr_0.95.bb @@ -9,7 +9,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://ui/mtr.c;beginline=5;endline=16;md5=00a894a39d53726a27386534d1c4e468" SRCREV = "852e5617fbf331cf292723702161f0ac9afe257c" -SRC_URI = "git://github.com/traviscross/mtr;branch=master;protocol=https" +SRC_URI = "git://github.com/traviscross/mtr;branch=master;protocol=https \ + file://CVE-2025-49809.patch \ + " S = "${WORKDIR}/git"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122913): https://lists.openembedded.org/g/openembedded-devel/message/122913 Mute This Topic: https://lists.openembedded.org/mt/116939925/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
