Fix CVE-2022-38178
5962. [security] Fix memory leak in EdDSA verify processing. (CVE-2022-38178) [GL #3487] Resolves: CVE-2022-38178
This commit is contained in:
Petr Menšík
parent
55958c1edb
commit
7b05fe1bfb
32
bind-9.16-CVE-2022-38178.patch
Normal file
32
bind-9.16-CVE-2022-38178.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From 132ef295b8407f91e6922f4dfc4f30f1790b61c5 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Mensik <pemensik@redhat.com>
|
||||
Date: Tue, 20 Sep 2022 11:22:47 +0200
|
||||
Subject: [PATCH 4/4] Fix CVE-2022-38178
|
||||
|
||||
5962. [security] Fix memory leak in EdDSA verify processing.
|
||||
(CVE-2022-38178) [GL #3487]
|
||||
---
|
||||
lib/dns/openssleddsa_link.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c
|
||||
index 6a6a74d..3157011 100644
|
||||
--- a/lib/dns/openssleddsa_link.c
|
||||
+++ b/lib/dns/openssleddsa_link.c
|
||||
@@ -234,11 +234,11 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
|
||||
}
|
||||
#endif /* if HAVE_OPENSSL_ED448 */
|
||||
if (siglen == 0) {
|
||||
- return (ISC_R_NOTIMPLEMENTED);
|
||||
+ DST_RET(ISC_R_NOTIMPLEMENTED);
|
||||
}
|
||||
|
||||
if (sig->length != siglen) {
|
||||
- return (DST_R_VERIFYFAILURE);
|
||||
+ DST_RET(DST_R_VERIFYFAILURE);
|
||||
}
|
||||
|
||||
isc_buffer_usedregion(buf, &tbsreg);
|
||||
--
|
||||
2.37.3
|
||||
|
||||
@ -107,6 +107,7 @@ Patch173:bind-9.16-CVE-2021-25220.patch
|
||||
Patch174:bind-9.16-CVE-2021-25220-test.patch
|
||||
Patch175:bind-9.16-CVE-2022-3080.patch
|
||||
Patch176:bind-9.16-CVE-2022-38177.patch
|
||||
Patch177:bind-9.16-CVE-2022-38178.patch
|
||||
|
||||
%{?systemd_ordering}
|
||||
Requires: coreutils
|
||||
@ -412,6 +413,7 @@ in HTML and PDF format.
|
||||
%patch174 -p1 -b .CVE-2021-25220-test
|
||||
%patch175 -p1 -b .CVE-2022-3080
|
||||
%patch176 -p1 -b .CVE-2022-38177
|
||||
%patch177 -p1 -b .CVE-2022-38178
|
||||
|
||||
%if %{with PKCS11}
|
||||
%patch135 -p1 -b .config-pkcs11
|
||||
@ -1137,6 +1139,7 @@ fi;
|
||||
* Thu Sep 22 2022 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-5
|
||||
- Fix possible serve-stale related crash (CVE-2022-3080)
|
||||
- Fix memory leak in ECDSA verify processing (CVE-2022-38177)
|
||||
- Fix memory leak in EdDSA verify processing (CVE-2022-38178)
|
||||
|
||||
* Thu Jul 14 2022 Petr Menšík <pemensik@redhat.com> - 32:9.16.23-4
|
||||
- Export bind-doc package (#2104863)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user