95ad6e369a
Resolves: RHEL-111721 Also add BuildRequires for p11-kit-client. This is due to a RHEL 10.2 change in p11-kit packaging (https://gitlab.com/redhat/centos-stream/rpms/p11-kit/-/commit/01aa4fd0) which moves the p11-kit-client.so into a new subpackage.
28 lines
771 B
Diff
28 lines
771 B
Diff
From b47ccd17559f79bfb2d6b94d2bf84856cf06259e Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Tue, 22 Apr 2025 21:18:44 +0200
|
|
Subject: [PATCH] CVE-2025-5318: sftpserver: Fix possible buffer overrun
|
|
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
|
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
---
|
|
src/sftpserver.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/sftpserver.c b/src/sftpserver.c
|
|
index 1afd8b2f..2aa28baa 100644
|
|
--- a/src/sftpserver.c
|
|
+++ b/src/sftpserver.c
|
|
@@ -704,7 +704,7 @@ void *sftp_handle(sftp_session sftp, ssh_string handle)
|
|
|
|
memcpy(&val, ssh_string_data(handle), sizeof(uint32_t));
|
|
|
|
- if (val > SFTP_HANDLES) {
|
|
+ if (val >= SFTP_HANDLES) {
|
|
return NULL;
|
|
}
|
|
|
|
--
|
|
2.50.1
|
|
|