From 26e0d5772fffb9ca4f808110abf2be3315a57482 Mon Sep 17 00:00:00 2001
From: shixuantong
Date: Tue, 10 Aug 2021 12:15:19 +0800
Subject: [PATCH] fix CVE-2021-37600
---
 backport-CVE-2021-37600.patch | 25 +++++++++++++++++++++++++
 util-linux.spec | 9 ++++++++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2021-37600.patch
diff --git a/backport-CVE-2021-37600.patch b/backport-CVE-2021-37600.patch
new file mode 100644
index 0000000..139656e
--- /dev/null
+++ b/backport-CVE-2021-37600.patch
@@ -0,0 +1,25 @@
+From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001
+From: Karel Zak
+Date: Tue, 27 Jul 2021 11:58:31 +0200
+Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
+ nmembs
+
+Fix: https://github.com/karelzak/util-linux/issues/1395
+Signed-off-by: Karel Zak
+---
+ sys-utils/ipcutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
+index e784c4dcb9..18868cfd38 100644
+--- a/sys-utils/ipcutils.c
++++ b/sys-utils/ipcutils.c
+@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
+ {
+ size_t i;
+
+- if (!p || !p->sem_nsems || p->sem_perm.id < 0)
++ if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
+ return;
+
+ p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
diff --git a/util-linux.spec b/util-linux.spec
index 12a2ece..2e3a64f 100644
--- a/util-linux.spec
+++ b/util-linux.spec
@@ -3,7 +3,7 @@
 Name: util-linux
 Version: 2.36.1
-Release: 4
+Release: 5
 Summary: A random collection of Linux utilities
 License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
 URL: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git
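Review bot: In the embedded sys-utils/ipcutils.c hunk, the new `p->sem_nsems > SIZE_MAX` guard in get_sem_elements() returns before the xcalloc() call, so `p->elements` is left unallocated while `p->sem_nsems` keeps its oversized value. Any consumer that later indexes `p->elements` up to `sem_nsems` would need the same check; those callers and the rest of this function are outside the hunk, so this should be confirmed against the 2.36.1 tree before the backport ships. The comparison would also benefit from a comment such as `/* sem_nsems is 64-bit; reject counts that would be truncated when converted to size_t for xcalloc() */`, because on targets where size_t is 64 bits wide the test can never be true and otherwise reads as dead code.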
@@ -41,6 +41,7 @@ Patch2: backport-libfdisk-make-fdisk_partname-more-robust.patch
 Patch3: backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch
 Patch4: backport-libblkid-improve-debug-for-proc-partitions.patch
 Patch5: backport-libblkid-use-sys-to-read-all-block-devices.patch
+Patch6000: backport-CVE-2021-37600.patch
 Patch9000: Add-check-to-resolve-uname26-version-test-failed.patch
@@ -390,6 +391,12 @@ fi
 %{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*}
 %changelog
+* Tue Aug 10 2021 shixuantong - 2.36.1-5
+- Type:CVE
+- ID:CVE-2021-37600
+- SUG:NA
+- DESC:fix CVE-2021-37600
+
 * Thu Jul 22 2021 shixuantong - 2.36.1-4
 - Type:bugfix
 - ID:NA