diff mbox series

[meta-oe,walnascar[PATCH,1/1] fix: CVE-2025-53644

Message ID 20250918045747.2782896-1-praveen.kumar@windriver.com
State New
Headers show
Series [meta-oe,walnascar[PATCH,1/1] fix: CVE-2025-53644 | expand

Commit Message

pkumar7 Sept. 18, 2025, 4:57 a.m. UTC 
From: Praveen Kumar <praveen.kumar@windriver.com>

OpenCV is an Open Source Computer Vision Library. Versions prior to
4.12.0 have an uninitialized pointer variable on stack that may lead
to arbitrary heap buffer write when reading crafted JPEG images.
Version 4.12.0 fixes the vulnerability.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-53644

Upstream-patch:
https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466

Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
 .../opencv/opencv/CVE-2025-53644.patch        | 29 +++++++++++++++++++
 .../recipes-support/opencv/opencv_4.11.0.bb   |  1 +
 2 files changed, 30 insertions(+)
 create mode 100644 meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch b/meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch
new file mode 100644
index 0000000000..671e91b616
--- /dev/null
+++ b/meta-oe/recipes-support/opencv/opencv/CVE-2025-53644.patch
@@ -0,0 +1,29 @@ 
+From a39db41390de546d18962ee1278bd6dbb715f466 Mon Sep 17 00:00:00 2001
+From: Alexander Smorkalov <alexander.smorkalov@opencv.ai>
+Date: Tue, 13 May 2025 08:56:14 +0300
+Subject: [PATCH] Cherry-pick OpenJPEG deconding status fix.
+
+CVE: CVE-2025-53644
+
+Upstream-Status: Backport [https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ 3rdparty/openjpeg/openjp2/jp2.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/3rdparty/openjpeg/openjp2/jp2.c b/3rdparty/openjpeg/openjp2/jp2.c
+index 6015190e1f..ab868bd7c1 100644
+--- a/3rdparty/openjpeg/openjp2/jp2.c
++++ b/3rdparty/openjpeg/openjp2/jp2.c
+@@ -2869,7 +2869,7 @@ OPJ_BOOL opj_jp2_read_header(opj_stream_private_t *p_stream,
+                               p_image,
+                               p_manager);
+
+-    if (p_image && *p_image) {
++    if (ret && p_image && *p_image) {
+         /* Set Image Color Space */
+         if (jp2->enumcs == 16) {
+             (*p_image)->color_space = OPJ_CLRSPC_SRGB;
+--
+2.40.0
diff --git a/meta-oe/recipes-support/opencv/opencv_4.11.0.bb b/meta-oe/recipes-support/opencv/opencv_4.11.0.bb
index 61dc681a39..22760551aa 100644
--- a/meta-oe/recipes-support/opencv/opencv_4.11.0.bb
+++ b/meta-oe/recipes-support/opencv/opencv_4.11.0.bb
@@ -35,6 +35,7 @@  SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=4.x;protocol=ht
            file://0008-Do-not-embed-build-directory-in-binaries.patch \
            file://0001-core-fixed-VSX-intrinsics-implementation.patch \
            file://0001-FROMLIST-Switch-to-static-instance-of-FastCV-on-Linux.patch \
+           file://CVE-2025-53644.patch \
            "
 SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=contrib"