aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch')
-rw-r--r--meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch52
1 files changed, 52 insertions, 0 deletions
diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
new file mode 100644
index 0000000000..6fd6792087
--- /dev/null
+++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-31489.patch
@@ -0,0 +1,52 @@
+From 4e1fc50394df0b69f32a9cf8ba8e1dcee2c67563 Mon Sep 17 00:00:00 2001
+From: Narpat Mali <narpat.mali@windriver.com>
+Date: Tue, 20 Jun 2023 14:01:46 +0000
+Subject: [PATCH] bgpd: Check 7 bytes for Long-lived Graceful-Restart
+ capability
+
+It's not 4 bytes, it was assuming the same as Graceful-Restart tuples.
+LLGR has more 3 bytes (Long-lived Stale Time).
+
+Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
+
+CVE: CVE-2023-31489
+
+Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/b1d33ec293e8e36fbb8766252f3b016d268e31ce]
+
+Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
+---
+ bgpd/bgp_open.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
+index 6bdefd0e9..ad56149f6 100644
+--- a/bgpd/bgp_open.c
++++ b/bgpd/bgp_open.c
+@@ -578,12 +578,24 @@ static int bgp_capability_restart(struct peer *peer,
+ static int bgp_capability_llgr(struct peer *peer,
+ struct capability_header *caphdr)
+ {
++/*
++ * +--------------------------------------------------+
++ * | Address Family Identifier (16 bits) |
++ * +--------------------------------------------------+
++ * | Subsequent Address Family Identifier (8 bits) |
++ * +--------------------------------------------------+
++ * | Flags for Address Family (8 bits) |
++ * +--------------------------------------------------+
++ * | Long-lived Stale Time (24 bits) |
++ * +--------------------------------------------------+
++ */
++#define BGP_CAP_LLGR_MIN_PACKET_LEN 7
+ struct stream *s = BGP_INPUT(peer);
+ size_t end = stream_get_getp(s) + caphdr->length;
+
+ SET_FLAG(peer->cap, PEER_CAP_LLGR_RCV);
+
+- while (stream_get_getp(s) + 4 <= end) {
++ while (stream_get_getp(s) + BGP_CAP_LLGR_MIN_PACKET_LEN <= end) {
+ afi_t afi;
+ safi_t safi;
+ iana_afi_t pkt_afi = stream_getw(s);
+--
+2.40.0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-24 09:53:44 +0000
i/zeus'>obi/zeus OpenEmbedded Core user contribution treesGrokmirror user
summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/glibc/glibc-locale.inc
blob: b8de7d3192ed95ee35b876a1a0b3095cf88a49b2 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103