[OE-core] [PATCH 1/3] systemd: Security fix CVE-2018-16864
Burton, Ross
ross.burton at intel.com
Thu Jan 24 15:55:29 UTC 2019
On Thu, 24 Jan 2019 at 12:44, Marcus Cooper <marcus.cooper at axis.com> wrote:
> +++ b/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
> @@ -0,0 +1,204 @@
> +From fe19f5a9d0d8b9977e9507a9b66c3cc66744cd38 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek at in.waw.pl>
> +Date: Wed, 5 Dec 2018 18:38:39 +0100
> +Subject: [PATCH] journald: do not store the iovec entry for process
> + commandline on stack
> +
> +This fixes a crash where we would read the commandline, whose length is under
> +control of the sending program, and then crash when trying to create a stack
> +allocation for it.
> +
> +CVE-2018-16864
> +https://bugzilla.redhat.com/show_bug.cgi?id=1653855
> +
> +The message actually doesn't get written to disk, because
> +journal_file_append_entry() returns -E2BIG.
> +
> +Patch backported from systemd master at
> +084eeb865ca63887098e0945fb4e93c852b91b0f.
These patches need a CVE tag (CVE: CVE-2018-16864), and
Upstream-Status tag (Backport), and your Signed-off-by.
Ross
More information about the Openembedded-core
mailing list