rpms/udisks2
6
0
Fork 1
Code Issues Pull Requests Releases Activity

AlmaLinux changes: Enable Btrfs support

Browse Source
This commit is contained in:
Neal Gompa 2025-09-04 04:17:20 +00:00 committed by root
commit e5ef951b42
2 changed files with 36 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
udisks-2.10.91-manager_loopsetup_fd_bounds.patch Normal file
View File

@ -0,0 +1,29 @@
From 55e36ef2af4fbfc92aab5cef50a69123e321f9f1 Mon Sep 17 00:00:00 2001
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Date: Tue, 15 Jul 2025 13:34:08 -0400
Subject: [PATCH 1/1] udiskslinuxmanager: Add lower bounds check to fd_index
Make sure fd_index isn't negative as this can lead to an OOB read
resulting in a crash, or to exposing internal file descriptors.
Reported by Michael Imfeld (born0monday).
---
src/udiskslinuxmanager.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/udiskslinuxmanager.c b/src/udiskslinuxmanager.c
index 4e633284..887771ee 100644
--- a/src/udiskslinuxmanager.c
+++ b/src/udiskslinuxmanager.c
@@ -381,7 +381,7 @@ handle_loop_setup (UDisksManager *object,
goto out;
fd_num = g_variant_get_handle (fd_index);
- if (fd_list == NULL || fd_num >= g_unix_fd_list_get_length (fd_list))
+ if (fd_list == NULL || fd_num < 0 || fd_num >= g_unix_fd_list_get_length (fd_list))
{
g_dbus_method_invocation_return_error (invocation,
UDISKS_ERROR,
--
2.43.0

9
udisks2.spec
View File

@ -28,7 +28,7 @@
Name: udisks2
Summary: Disk Manager
Version: 2.10.90
Release: 5%{?dist}.alma.1
Release: 6%{?dist}.alma.1
License: GPL-2.0-or-later
URL: https://github.com/storaged-project/udisks
Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2
@ -37,6 +37,8 @@ Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{v
Patch0: udisks-2.11.0-lvm2-unused_device_detection-try_harder.patch
# https://issues.redhat.com/browse/RHEL-74012
Patch1: udisks-2.11.0-mdraid-inhibit-locks.patch
# https://issues.redhat.com/browse/RHEL-109406
Patch2: udisks-2.10.91-manager_loopsetup_fd_bounds.patch
BuildRequires: make
BuildRequires: glib2-devel >= %{glib2_version}
@ -344,9 +346,12 @@ fi
%endif
%changelog
* Wed May 28 2025 Neal Gompa <ngompa@almalinux.org> - 2.10.90-5.alma.1
* Thu Sep 04 2025 Neal Gompa <ngompa@almalinux.org> - 2.10.90-6.alma.1
- AlmaLinux changes: Enable Btrfs support
* Tue Sep 02 2025 Tomas Bzatek <tbzatek@redhat.com> - 2.10.90-6
- udiskslinuxmanager: Add lower bounds check to fd_index (CVE-2025-8067) (RHEL-109406)
* Fri Jan 24 2025 Tomas Bzatek <tbzatek@redhat.com> - 2.10.90-5
- mdraid: Avoid acquiring system inhibit lock for external array operations (RHEL-74012)