From 1b75da44d9eb4d4fc0619f88be6dae97b58e928f Mon Sep 17 00:00:00 2001
From: liningjie
Date: Tue, 15 Aug 2023 20:19:50 +0800
Subject: [PATCH] fix CVE-2023-31975
(cherry picked from commit 62a74a1df4a23e0f020c97e8439aacf0cc089ac4)
---
 CVE-2023-31975.patch | 27 +++++++++++++++++++++++++++
 yasm.spec | 7 ++++++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2023-31975.patch
diff --git a/CVE-2023-31975.patch b/CVE-2023-31975.patch
new file mode 100644
index 0000000..89baf1d
--- /dev/null
+++ b/CVE-2023-31975.patch
@@ -0,0 +1,27 @@
+From b2cc5a1693b17ac415df76d0795b15994c106441 Mon Sep 17 00:00:00 2001
+From: Katsuhiko Gondow
+Date: Tue, 13 Jun 2023 05:00:47 +0900
+Subject: [PATCH] Fix memory leak in bin-objfmt (#231)
+
+---
+ modules/objfmts/bin/bin-objfmt.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/modules/objfmts/bin/bin-objfmt.c b/modules/objfmts/bin/bin-objfmt.c
+index 18026750..a38c3422 100644
+--- a/modules/objfmts/bin/bin-objfmt.c
++++ b/modules/objfmts/bin/bin-objfmt.c
+@@ -1680,6 +1680,10 @@ static void
+ bin_section_data_destroy(void *data)
+ {
+ bin_section_data *bsd = (bin_section_data *)data;
++ if (bsd->align)
++ yasm_xfree(bsd->align);
++ if (bsd->valign)
++ yasm_xfree(bsd->valign);
+ if (bsd->start)
+ yasm_expr_destroy(bsd->start);
+ if (bsd->vstart)
+--
+2.41.0.windows.3
+
diff --git a/yasm.spec b/yasm.spec
index ff48fc8..d5091e9 100644
--- a/yasm.spec
+++ b/yasm.spec
@@ -1,6 +1,6 @@
 Name: yasm
 Version: 1.3.0
-Release: 10
+Release: 11
 Summary: NASM assembler
 License: BSD
 URL: http://yasm.tortall.net/
@@ -10,6 +10,8 @@ BuildRequires: gcc bison byacc gettext-devel xmlto Provides: bundled(md5-plumb) Patch1: CVE-2023-37732.patch +Patch2: CVE-2023-31975.patch + %description Yasm is a complete rewrite of the NASM assembler under the “new” BSD License.
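Review bot: In CVE-2023-31975.patch, the lines added to bin_section_data_destroy release `bsd->align` and `bsd->valign` with a bare `yasm_xfree`, whereas the `start`/`vstart` fields just below go through their type's destructor, `yasm_expr_destroy`. The field declarations are outside the hunk; if `align` and `valign` are `yasm_intnum *`, then `yasm_intnum_destroy(bsd->align);` and `yasm_intnum_destroy(bsd->valign);` would also release any storage the intnum owns, which `yasm_xfree` alone may leave allocated. It is worth confirming against the struct definition, and whether `yasm_xfree` already accepts NULL (making the `if` guards redundant), before relying on this as the complete fix for the leak. The function body continues past the end of the hunk.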
@@ -47,6 +49,9 @@ rm -rf %{buildroot} %{_mandir}/* %changelog +* Tue Aug 15 2023 liningjie - 1.3.0-11 +- fix CVE-2023-31975 + * Fri Aug 11 2023 liningjie - 1.3.0-10 - fix CVE-2023-37732