Details: https://nvd.nist.gov/vuln/detail/CVE-2024-54662
This backported patch was taken from upstream's website[1], where they identify it as the solution for this vulnerability [1]: https://www.inet.no/dante/ (bottom, "advisories" section) Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../dante/dante/CVE-2024-54662.patch | 71 +++++++++++++++++++ .../recipes-protocols/dante/dante_1.4.1.bb | 3 +- 2 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 meta-networking/recipes-protocols/dante/dante/CVE-2024-54662.patch diff --git a/meta-networking/recipes-protocols/dante/dante/CVE-2024-54662.patch b/meta-networking/recipes-protocols/dante/dante/CVE-2024-54662.patch new file mode 100644 index 0000000000..6ed7380410 --- /dev/null +++ b/meta-networking/recipes-protocols/dante/dante/CVE-2024-54662.patch @@ -0,0 +1,71 @@ +From afedc6d8e518e4675be55557322710136a9e17a4 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari <[email protected]> +Date: Thu, 26 Feb 2026 14:34:07 +0100 +Subject: [PATCH] fix CVE-2024-54662 + +This patch fixes CVE-2024-54662. + +Description: Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect +access control for some sockd.conf configurations involving socksmethod. + +CVE: CVE-2024-54662 +Upstream-Status: Backport [https://www.inet.no/dante/advisory-2024-12-16.patch] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + sockd/sockd_protocol.c | 29 +++++++++++++++++++++++++---- + 1 file changed, 25 insertions(+), 4 deletions(-) + +diff --git a/sockd/sockd_protocol.c b/sockd/sockd_protocol.c +index d7b9405..1ea973a 100644 +--- a/sockd/sockd_protocol.c ++++ b/sockd/sockd_protocol.c +@@ -428,6 +428,7 @@ recv_v4req (s, request, state) + request_t *request; + negotiate_state_t *state; + { ++ rule_t *crule; + + /* + * v4 request: +@@ -440,6 +441,26 @@ recv_v4req (s, request, state) + /* + * No methods supported in v4. + */ ++ ++ SASSERTX(state->crule != NULL); ++ ++ crule = (rule_t *)state->crule; ++ ++ if (crule->state.smethodc > 0 ++ && crule->state.smethodv[0] != AUTHMETHOD_NONE) { ++ snprintf(state->emsg, sizeof(state->emsg), ++ "client-rule overrides prefered SOCKS authentication to use for " ++ "matching clients to be %s\"%s\", but connected client " ++ "is using SOCKS v4, which does not support any authentication", ++ crule->state.smethodc == 1 ? "" : "one of ", ++ methods2string(crule->state.smethodc, ++ crule->state.smethodv, ++ NULL, ++ 0)); ++ ++ return NEGOTIATE_ERROR; ++ } ++ + request->auth->method = AUTHMETHOD_NONE; + + /* CD */ +@@ -555,10 +576,10 @@ recv_methods(s, request, state) + default: { + /* + * Socks-methods that can be decided for use before we receive +- * the actual request. Normally only gssapi, but if the +- * rule has singleauth enabled and the client matches the +- * criteria for it, the socks-method will also have been +- * chosen already (should be NONE). ++ * the actual request. Normally only gssapi, but if the rule has ++ * singleauth enabled and the client matches the criteria for it, ++ * the socks-method will also have been chosen already (should be ++ * NONE). + */ + size_t i; + diff --git a/meta-networking/recipes-protocols/dante/dante_1.4.1.bb b/meta-networking/recipes-protocols/dante/dante_1.4.1.bb index 48f9708560..522411be4f 100644 --- a/meta-networking/recipes-protocols/dante/dante_1.4.1.bb +++ b/meta-networking/recipes-protocols/dante/dante_1.4.1.bb @@ -12,7 +12,8 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=221118dda731fe93a85d0ed973467249" SRC_URI = "https://www.inet.no/dante/files/dante-${PV}.tar.gz \ - " + file://CVE-2024-54662.patch \ + " SRC_URI[md5sum] = "68c2ce12119e12cea11a90c7a80efa8f" SRC_URI[sha256sum] = "b6d232bd6fefc87d14bf97e447e4fcdeef4b28b16b048d804b50b48f261c4f53"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124679): https://lists.openembedded.org/g/openembedded-devel/message/124679 Mute This Topic: https://lists.openembedded.org/mt/118012898/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
