mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-12 03:33:02 +01:00

Commit Graph

Author	SHA1	Message	Date
Sean Nyekjaer	d4bc6a9374	dmidecode: fixup for CVE-2023-30630 The previous CVE-2023-30630_1.patch picked only the patch "dmidecode: Write the whole dump file at once" d8cfbc808f. But there was a refactoring which does not allow to cherry-pick it fast forward. Resolving this conflict was not correctly done. The patch was: + u32 len; + u8 *table; ... - if (!(opt.flags & FLAG_QUIET)) - pr_comment("Writing %d bytes to %s.", crafted[0x05], - opt.dumpfile); - write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1); + dmi_table_dump(crafted, crafted[0x05], table, len); It looks like the variables len and table have been added without initialization. Now this problem is solved by applying the previous refactoring as well. Patch 1 gets replaced by Patch 1a and Patch 1b. Patch 2..4 are rebased without changes. This is basically the same patch as in kirkstone: ea069a94a2 dmidecode: fixup for CVE-2023-30630 (From OE-Core rev: 0bc69dc078c39381a39789d3c5fff673d7da994c) Signed-off-by: Sean Nyekjaer <sean@geanix.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2023-10-25 04:51:00 -10:00
Yogita Urade	4c0213759a	dmidecode: fix CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. References: https://nvd.nist.gov/vuln/detail/CVE-2023-30630 https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html (From OE-Core rev: f92e59a0894145a828dc9ac74bf8c7a9355e0587) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2023-07-20 12:10:40 -10:00
wangmy	5f58d68352	dmidecode: upgrade 3.3 -> 3.4 Changelog: ========== - Support for SMBIOS 3.4.0. This includes new memory device types, new processor upgrades, new slot types and characteristics, decoding of memory module extended speed, new system slot types, new processor characteristics and new format of Processor ID. - Support for SMBIOS 3.5.0. This includes new processor upgrades, BIOS characteristics, new slot characteristics, new on-board device types, new pointing device interface types, and a new record type (type 45 - Firmware Inventory Information). - Decode HPE OEM records 194, 199, 203, 236, 237, 238 ans 240. - Bug fixes: Fix OEM vendor name matching Fix ASCII filtering of strings Fix crash with option -u - Minor improvements: Skip details of uninstalled memory modules Don't display the raw CPU ID in quiet mode Improve the formatting of the manual pages (From OE-Core rev: 5928085c909365d7569f26243058a328ef2832e1) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2022-07-01 11:31:42 +01:00

Author

SHA1

Message

Date

Sean Nyekjaer

d4bc6a9374

dmidecode: fixup for CVE-2023-30630

The previous CVE-2023-30630_1.patch picked only the patch
"dmidecode: Write the whole dump file at once" d8cfbc808f.
But there was a refactoring which does not allow to cherry-pick it fast
forward. Resolving this conflict was not correctly done. The patch was:

+    u32 len;
+    u8 *table;
...
-    if (!(opt.flags & FLAG_QUIET))
-        pr_comment("Writing %d bytes to %s.", crafted[0x05],
-                   opt.dumpfile);
-    write_dump(0, crafted[0x05], crafted, opt.dumpfile, 1);
+    dmi_table_dump(crafted, crafted[0x05], table, len);

It looks like the variables len and table have been added without
initialization.
Now this problem is solved by applying the previous refactoring as
well. Patch 1 gets replaced by Patch 1a and Patch 1b. Patch 2..4 are
rebased without changes.

This is basically the same patch as in kirkstone:
ea069a94a2 dmidecode: fixup for CVE-2023-30630

(From OE-Core rev: 0bc69dc078c39381a39789d3c5fff673d7da994c)

Signed-off-by: Sean Nyekjaer <sean@geanix.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2023-10-25 04:51:00 -10:00

Yogita Urade

4c0213759a

dmidecode: fix CVE-2023-30630

Dmidecode before 3.5 allows -dump-bin to overwrite a local file.
This has security relevance because, for example, execution of
Dmidecode via Sudo is plausible.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-30630
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html

(From OE-Core rev: f92e59a0894145a828dc9ac74bf8c7a9355e0587)

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2023-07-20 12:10:40 -10:00

wangmy

5f58d68352

dmidecode: upgrade 3.3 -> 3.4

Changelog:
==========
  - Support for SMBIOS 3.4.0. This includes new memory device types, new
    processor upgrades, new slot types and characteristics, decoding of memory
    module extended speed, new system slot types, new processor characteristics
    and new format of Processor ID.
  - Support for SMBIOS 3.5.0. This includes new processor upgrades, BIOS
    characteristics, new slot characteristics, new on-board device types, new
    pointing device interface types, and a new record type (type 45 -
    Firmware Inventory Information).
  - Decode HPE OEM records 194, 199, 203, 236, 237, 238 ans 240.
  - Bug fixes:
    Fix OEM vendor name matching
    Fix ASCII filtering of strings
    Fix crash with option -u
  - Minor improvements:
    Skip details of uninstalled memory modules
    Don't display the raw CPU ID in quiet mode
    Improve the formatting of the manual pages

(From OE-Core rev: 5928085c909365d7569f26243058a328ef2832e1)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2022-07-01 11:31:42 +01:00

3 Commits