packages/util-linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!70 fix CVE-2021-37600

Browse Source 
From: @tong_1001
Reviewed-by: @openeuler-basic
Signed-off-by: @openeuler-basic
This commit is contained in:
openeuler-ci-bot 2021-08-10 06:27:55 +00:00 committed by Gitee
commit bfe93b8797
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
backport-CVE-2021-37600.patch Normal file
View File

@ -0,0 +1,25 @@
From 1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Tue, 27 Jul 2021 11:58:31 +0200
Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64
nmembs
Fix: https://github.com/karelzak/util-linux/issues/1395
Signed-off-by: Karel Zak <kzak@redhat.com>
---
sys-utils/ipcutils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
index e784c4dcb9..18868cfd38 100644
--- a/sys-utils/ipcutils.c
+++ b/sys-utils/ipcutils.c
@@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p)
{
size_t i;
- if (!p || !p->sem_nsems || p->sem_perm.id < 0)
+ if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
return;
p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));

9
util-linux.spec
View File

@ -3,7 +3,7 @@
Name: util-linux Name: util-linux
Version: 2.36.1 Version: 2.36.1
Release: 4 Release: 5
Summary: A random collection of Linux utilities Summary: A random collection of Linux utilities
License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
URL: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git URL: https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git
@ -41,6 +41,7 @@ Patch2: backport-libfdisk-make-fdisk_partname-more-robust.patch
Patch3: backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch Patch3: backport-libmount-fix-tab-parser-for-badly-terminated-lines.patch
Patch4: backport-libblkid-improve-debug-for-proc-partitions.patch Patch4: backport-libblkid-improve-debug-for-proc-partitions.patch
Patch5: backport-libblkid-use-sys-to-read-all-block-devices.patch Patch5: backport-libblkid-use-sys-to-read-all-block-devices.patch
Patch6000: backport-CVE-2021-37600.patch
Patch9000: Add-check-to-resolve-uname26-version-test-failed.patch Patch9000: Add-check-to-resolve-uname26-version-test-failed.patch
@ -390,6 +391,12 @@ fi
%{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*} %{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*}
%changelog %changelog
* Tue Aug 10 2021 shixuantong<shixuantong@huawei.com> - 2.36.1-5
- Type:CVE
- ID:CVE-2021-37600
- SUG:NA
- DESC:fix CVE-2021-37600
* Thu Jul 22 2021 shixuantong<shixuantong@huawei.com> - 2.36.1-4 * Thu Jul 22 2021 shixuantong<shixuantong@huawei.com> - 2.36.1-4
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA