Details: https://nvd.nist.gov/vuln/detail/CVE-2026-25884
Backport the commits referenced by the NVD advisory. Note that the regression tests are not included in this test. The patch contains binary data, which cannot be applied with any of the PATCHTOOLs in do_patch task. Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../exiv2/exiv2/CVE-2026-25884.patch | 25 +++++++++++++++++++ meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb | 1 + 2 files changed, 26 insertions(+) create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2026-25884.patch diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2026-25884.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2026-25884.patch new file mode 100644 index 0000000000..624c53f49b --- /dev/null +++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2026-25884.patch @@ -0,0 +1,25 @@ +From cfbe7e48cbfa63b88b3dcf9d99272330f8349c4f Mon Sep 17 00:00:00 2001 +From: Kevin Backhouse <[email protected]> +Date: Sat, 31 Jan 2026 15:31:55 +0000 +Subject: [PATCH] Fix out-of-bounds read. + +CVE: CVE-2026-25884 +Upstream-Status: Backport [https://github.com/Exiv2/exiv2/commit/5b8f1f4d92b8f27a5a80e0c3d3eb9dce7620d9f1] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + src/crwimage_int.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp +index 570de75..8791dbd 100644 +--- a/src/crwimage_int.cpp ++++ b/src/crwimage_int.cpp +@@ -812,7 +812,7 @@ namespace Exiv2 { + Image& image, + ByteOrder /*byteOrder*/) + { +- std::string s(reinterpret_cast<const char*>(ciffComponent.pData())); ++ auto s = std::string(reinterpret_cast<const char*>(ciffComponent.pData()), ciffComponent.size()); + image.setComment(s); + } // CrwMap::decode0x0805 + diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb index 4700173de4..602ef3910f 100644 --- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb +++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb 
@@ -32,6 +32,7 @@ SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source file://CVE-2021-37621-2.patch \ file://CVE-2021-37622-1.patch \ file://CVE-2021-37622-2.patch \ + file://CVE-2026-25884.patch \ " SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
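Review bot: in the backported CVE-2026-25884.patch the commit id on the From line (cfbe7e48cbfa63b88b3dcf9d99272330f8349c4f) does not match the commit id in the Upstream-Status URL (5b8f1f4d92b8f27a5a80e0c3d3eb9dce7620d9f1); one of the two should be corrected so the provenance of the backport is unambiguous. On the code change itself, `auto s = std::string(reinterpret_cast<const char*>(ciffComponent.pData()), ciffComponent.size());` bounds the read to the component, which is the fix, but it also copies exactly size() bytes, so unlike the previous NUL-terminated constructor it keeps any embedded or trailing NUL bytes inside the comment passed to `image.setComment(s)`; if the comment is expected to end at the first NUL, clamping the length to the first NUL within size() would keep the old semantics while still preventing the out-of-bounds read.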
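Review bot: the cover text says "Backport the commits referenced by the NVD advisory" (plural) while this hunk adds a single `file://CVE-2026-25884.patch \` to SRC_URI; confirm that the advisory references only the one upstream commit, or add the remaining patches alongside it. Since the cover text also notes that the binary regression-test files were dropped, consider recording that in the patch header next to Upstream-Status so a later uprev knows the backport is partial. The entry itself follows the existing `file://CVE-2021-37622-2.patch \` continuation style.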
View/Reply Online (#125082): https://lists.openembedded.org/g/openembedded-devel/message/125082
