diff options
Diffstat (limited to 'meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch')
-rw-r--r-- | meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch b/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch new file mode 100644 index 0000000000..4ca60f99d5 --- /dev/null +++ b/meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch @@ -0,0 +1,39 @@ +From b808b2852a0b48c6f9dbb038f932613cea3126c2 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Thu, 27 Oct 2022 09:51:27 +0530 +Subject: [PATCH] CVE-2022-3637 + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/monitor/jlink.c?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f] +CVE: CVE-2022-3637 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> + +monitor: Fix crash when using RTT backend + +This fix regression introduced by "monitor: Fix memory leaks". +J-Link shared library is in use if jlink_init() returns 0 and thus +handle shall not be closed. +--- + monitor/jlink.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/monitor/jlink.c b/monitor/jlink.c +index afa9d93..5bd4aed 100644 +--- a/monitor/jlink.c ++++ b/monitor/jlink.c +@@ -120,9 +120,12 @@ int jlink_init(void) + !jlink.tif_select || !jlink.setspeed || + !jlink.connect || !jlink.getsn || + !jlink.emu_getproductname || +- !jlink.rtterminal_control || !jlink.rtterminal_read) ++ !jlink.rtterminal_control || !jlink.rtterminal_read) { ++ dlclose(so); + return -EIO; ++ } + ++ /* don't dlclose(so) here cause symbols from it are in use now */ + return 0; + } + +-- +2.25.1 + |