mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-30 03:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

acpica: fix CVE-2024-24856

Browse Source 
The memory allocation function ACPI_ALLOCATE_ZEROED does not
guarantee a successful allocation, but the subsequent code
directly dereferences the pointer that receives it, which may
lead to null pointer dereference. To fix this issue, a null
pointer check should be added. If it is null, return exception
code AE_NO_MEMORY.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-24856

(From OE-Core rev: 0920aacb2a042e10e54db949428471ef9b20c96d)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Yogita Urade
2024-06-21 11:05:09 +00:00
committed by Steve Sakoman
parent e2366b9d09
commit 064e000b18
2 changed files with 36 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
meta/recipes-extended/acpica/acpica/CVE-2024-24856.patch Normal file
View File

@@ -0,0 +1,33 @@
From 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 Mon Sep 17 00:00:00 2001
From: Huai-Yuan Liu <qq810974084@gmail.com>
Date: Tue, 4 Jun 2024 11:52:15 +0000
Subject: [PATCH] check null return of ACPI_ALLOCATE_ZEROED in
AcpiDbConvertToPackage ACPI_ALLOCATE_ZEROED may fails, Elements
might be null and will cause null pointer dereference later.
Signed-off-by: Huai-Yuan Liu <qq810974084@gmail.com>
CVE: CVE-2024-24856
Upstream-Status: Backport [https://github.com/acpica/acpica/commit/4d4547cf13cca820ff7e0f859ba83e1a610b9fd0]
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
---
source/components/debugger/dbconvert.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/source/components/debugger/dbconvert.c b/source/components/debugger/dbconvert.c
index 55307d0..c17a5ab 100644
--- a/source/components/debugger/dbconvert.c
+++ b/source/components/debugger/dbconvert.c
@@ -354,6 +354,8 @@ AcpiDbConvertToPackage (
Elements = ACPI_ALLOCATE_ZEROED (
DB_DEFAULT_PKG_ELEMENTS * sizeof (ACPI_OBJECT));
+ if (!Elements)
+ return (AE_NO_MEMORY);
This = String;
for (i = 0; i < (DB_DEFAULT_PKG_ELEMENTS - 1); i++)
--
2.40.0

4
meta/recipes-extended/acpica/acpica_20211217.bb
View File

@@ -16,7 +16,9 @@ COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux"
DEPENDS = "m4-native flex-native bison-native"
SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix-${PV}.tar.gz"
SRC_URI = "https://acpica.org/sites/acpica/files/acpica-unix-${PV}.tar.gz \
file://CVE-2024-24856.patch \
"
SRC_URI[sha256sum] = "2511f85828820d747fa3e2c3433d3a38c22db3d9c2fd900e1a84eb4173cb5992"
UPSTREAM_CHECK_URI = "https://acpica.org/downloads"