From patchwork Sat Nov 15 18:18:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 74740 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A465CCEB2F7 for ; Sat, 15 Nov 2025 18:18:20 +0000 (UTC) Received: from mail-wr1-f44.google.com (mail-wr1-f44.google.com [209.85.221.44]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.13792.1763230692952751064 for ; Sat, 15 Nov 2025 10:18:13 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=OhToBi1i; spf=pass (domain: gmail.com, ip: 209.85.221.44, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f44.google.com with SMTP id ffacd0b85a97d-42b3c5defb2so2049502f8f.2 for ; Sat, 15 Nov 2025 10:18:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1763230691; x=1763835491; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=fRoJhrYJvHPc33u+XCGsF7+PtCkTwN4T6nCg0XN/B4E=; b=OhToBi1iGPRHmhhIMJMLS4JUl598E46E8jzDSAv8abD1AaV6e1j8zY+xo9QazLbaBJ jbrwzhgvb4l0YVf9+cRQVRzTOqIYU+76jazIA9e+lBqlAflHppXCjQUcc+s0DdEJHCy2 eY34YoFNiogOl/RWAxoeFXXnCzF63DN6Es+lQzNGG2PIJdWYh0LKPo0TsyuPjs1TF0Q/ 5tLdfUf9r27XM4/dxz8vxR1zsAGRY3GytERRLDrf+tRg9x8r3tVXnVJfbeC+QBJJ3b9P iupLgW57N6QBfD+OUaULfCqK9pWrN7khwvG/aZT9nHd/iD2dsbqC3U8XbSNgkndQ24c8 2qwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763230691; x=1763835491; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=fRoJhrYJvHPc33u+XCGsF7+PtCkTwN4T6nCg0XN/B4E=; b=nNQz1deZCsdeGawvhnMxZDcRUoQVtNpOhe4qrkv7NvBDBf3ZBQQxSdmMax8Kxu2ADs 5LJB9jHK2fccP0YSov+LB2RMLO7odvGZ1+Ns+WJIuzfrbZvmAXfV2U3zie4d7Y5mP2Lh 1rnNRXY4wArT/rR5KEJgnosTM22NQbvwmo0oV6F3L9L4EDTUkGuyUusWN3wD5ZVYm5h5 PnBQg8ZlkNUaG6C9F1aYLOVip0Ob7nPw3KJ3ZwV2JDMslaQy/gS6Oo0PcRTBiPGZQYSV yOBu+l4Coj0PFIQh2aM9E8SufdvoL7qlVL4jGMPNSMtden6fiTJHG2pTbPLK46xtZLTi 3oAw== X-Gm-Message-State: AOJu0YytXPpP0kKsrcTWa9fNJz7osTHhI2ZbKHZc4AJ0VUYhGgQ4aBaa XoYX6hMYAJzpoLuTEmzEFxPfTHFSD8Fo7ikKxdt1J3uicHcUTFwSVRVKkcuKE+gb X-Gm-Gg: ASbGnctfJmF1lB/qEb/XgK42DG02Ta5x15DZoQKNi5heu9DWFsbiTdFdKO62aRYE6cA cj/E0kcmW+/Q6rUwbkSQ/F9ajaGoU2x5yDnjyiq8FJEVDktTcLRYNF0jZULSUjfGuo74HQiI5xk X5jKqvSG29Eauzympvoy7t+/euFr9fhTjAXgyJ/sd8/9inZDwtrupUSiJWRDWwHQWlWVHJaeQq1 KsK6523to329Qlo+b0BxOdV5qwA/e5jvuIASLQ41oVenrhoP4EsY8ijqtkBmrhFDvZpEA1F+UyJ +Lah9TG35Tu/5cFIGMeWusQS9Y7ZX4iIKsgfwfxUjzi50a9YSsJjcj0cMqAgpQOO3B9A7gmUYAG ktQtF6Qoiy2a24bEk5Txr4lF9jx048/qB9S//oBx/+1Lamb8mIp5bWZ0YplwZU3ejQfR84UJzFn JWbeqiB7Ar X-Google-Smtp-Source: AGHT+IHzUN6xJBFg83ljx/rNlj0dJGVxV4XJ87tihhfFC7+HajauYDc9Zl0YOMoedcHK7hswFAy04A== X-Received: by 2002:a05:6000:400a:b0:429:d170:b3ca with SMTP id ffacd0b85a97d-42b5939b17emr6432538f8f.55.1763230691201; Sat, 15 Nov 2025 10:18:11 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-42b53e7b12asm17344186f8f.10.2025.11.15.10.18.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 15 Nov 2025 10:18:10 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][PATCH v2 1/4] yasm: add alternative CVE_PRODUCT Date: Sat, 15 Nov 2025 19:18:07 +0100 Message-ID: <20251115181810.1262158-1-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.2 MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 15 Nov 2025 18:18:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/121738 There are multiple vendors for yasm: $ sqlite3 ./nvdcve_2-2.db "select distinct vendor, product from products where product = 'yasm';" tortall|yasm yasm_project|yasm Both products refer to the same application Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-devtools/yasm/yasm_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index 68895a1697..abaeef4db3 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -33,3 +33,5 @@ do_configure:prepend() { CVE_STATUS_GROUPS += "CVE_STATUS_HASH_UPDATE" CVE_STATUS_HASH_UPDATE = "CVE-2021-33454 CVE-2023-31975 CVE-2023-37732" CVE_STATUS_HASH_UPDATE[status] = "fixed-version: patched in current git hash" + +CVE_PRODUCT += "tortall:yasm yasm_project:yasm" From patchwork Sat Nov 15 18:18:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 74742 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A0C42CEB2F5 for ; Sat, 15 Nov 2025 18:18:20 +0000 (UTC) Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.13793.1763230693550423780 for ; Sat, 15 Nov 2025 10:18:13 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=QyYnPApb; spf=pass (domain: gmail.com, ip: 209.85.221.48, mailfrom: skandigraun@gmail.com) Received: by mail-wr1-f48.google.com with SMTP id ffacd0b85a97d-429c48e05aeso1798153f8f.1 for ; Sat, 15 Nov 2025 10:18:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1763230692; x=1763835492; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=wOIkVwhBeoFWvjoe+8C9pL8QLbG2w7DadcJdUTcL+fY=; b=QyYnPApb/4hJ8pWQ2o5n8taCTrZkQYwE4E903m0I2Jp+ekX2lL7t1UwRvgK78ZreAh fkS+4G+FrcYRK4v5W1K8SAfg2ZtLRjRnbYY0sJJkT3x8efuZnCoApIUSmoJJX6abZqhU N/Ti01ZrhFIOTBtpfsSkJmo4tF7y2iG3+y2p7x5uHRXxyAiQyH1VldNrsQeiV+lWMW4r oQHWRmXCLLOgOo6SKI7sYn0LAOFoZCX7PiP9RN4YjgWKM91JQ3u0OrcdhgIbGs9tcDDd eTepe7z2/uiUhNif7Q6GTtTVhJ0Dq2LIky6sxxWpxWjRL2jnppvAVMJTcBIYYrmHviSc LZxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763230692; x=1763835492; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=wOIkVwhBeoFWvjoe+8C9pL8QLbG2w7DadcJdUTcL+fY=; b=LrjM6yNnWfXaimN4o+ti8Gg1yeno84SIV4XVk8p/bakea2ZidEbZkKw7Jw89lUbDo+ Ce7dpZq/4C80XJNSf+L9giyD2SpSvFnlpnQ2tiRwDy7HyfiM87dvSJoeZZkJOb8QSNNs VIZqOzzEXu7Tg1dq7x4ofd65D7m3cu0RiR4G4TDatRbZJrD4S2L+CJs51A3LZqoHs6EO 7mnCKgza/A8fUQ2PoPWTsXhTzXkntBRk800+3TCyp7yo5PpLv0dzYn6QFmy2NzcuPzwU uQpGontHoE/3G5y4838WCWTLgrFM/F4obg7NrKZHG5emU3/ZvLMkbNiWh8wWnPxOt0QJ IFVQ== X-Gm-Message-State: AOJu0Yy7FbZHFbpjBGTEVwGVH/6lNhavgji1gVFnF/8lR2DNj5ZGDNp6 NJBAC1oiWUodrGGci21iQ3sryQ5JsbmcMWYshkWqsg22ZNTAwxcchYvwTb3rFsyS X-Gm-Gg: ASbGncunT9NQMoM6mzwbVzKEh+JNub/g1ycO4WPUnXRn+bpuM7TT8e/FT3rEt2wy8iC B7Ic7tCZ4iwrcMQ63walC3umAsveiRJ5lLL4LYxWIExEz6wno9ItE+scxIBQJS+D/nYFPs83yTb vR4dGNl3LzrsBkd0PV+zojsLlpfq7iMsNg/MSnkcimQZrJ/ziTiaum126UVDG6aG0pzNSqs0mvm 2OO2wi3puK53gF2adYBlO15SkXcrJ4aama1EJEppa5f2OCla6pivgG/Aciz1zP/uF8676WQh/Ak JZtjksb/d6SLQ3R8lNMtl/vjQQa/sOqfSg9uTQ9UBVQeWFZs7LNdxnZNyGL4HzKEGNpMGi/DAAU zsuvUZivR0MlsSAKnaSS3Wz2OI5SyocXZTPNDQktoqjfMKT5zd5n7APqcNG5cz7MX0ADDZ3tkd5 lf797V3qS5 X-Google-Smtp-Source: AGHT+IGCIWNojO4trZlMS4udQ8mZjsu9c8e3uXKIJsdOTwFWUwQ14K47Qa5HQeZDPvO7hgpKALlA1g== X-Received: by 2002:a5d:5f92:0:b0:429:cff0:1929 with SMTP id ffacd0b85a97d-42b58ddc246mr7197545f8f.29.1763230691858; Sat, 15 Nov 2025 10:18:11 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-42b53e7b12asm17344186f8f.10.2025.11.15.10.18.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 15 Nov 2025 10:18:11 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][PATCH v2 2/4] yasm: patch CVE-2023-29579 Date: Sat, 15 Nov 2025 19:18:08 +0100 Message-ID: <20251115181810.1262158-2-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251115181810.1262158-1-skandigraun@gmail.com> References: <20251115181810.1262158-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 15 Nov 2025 18:18:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/121739 Details: https://nvd.nist.gov/vuln/detail/CVE-2023-29579 The patch was taken from Debian: https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/ Signed-off-by: Gyorgy Sarvari --- .../yasm/yasm/CVE-2023-29579.patch | 39 +++++++++++++++++++ meta-oe/recipes-devtools/yasm/yasm_git.bb | 3 +- 2 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch diff --git a/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch new file mode 100644 index 0000000000..58b4ed1996 --- /dev/null +++ b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch @@ -0,0 +1,39 @@ +From 81c1b7b0a28f052eaadddcb010944bf67e6ae257 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari +Date: Sat, 15 Nov 2025 13:24:21 +0100 +Subject: [PATCH] Make sure CPU feature parsing use large enough string buffer. + Fixes CVE-2023-29579. + +Author: Petter Reinholdtsen +Bug: https://github.com/yasm/yasm/issues/214 +Bug-Debian: https://bugs.debian.org/1035951 +Forwarded: https://github.com/yasm/yasm/issues/214 +Last-Update: 2025-04-30 + +This patch is taken from Debian: +https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/ + +CVE: CVE-2023-29579 +Upstream-Status: Submitted [https://github.com/yasm/yasm/issues/214] + +Signed-off-by: Gyorgy Sarvari +--- + modules/arch/x86/x86arch.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/modules/arch/x86/x86arch.c b/modules/arch/x86/x86arch.c +index bac11774..58327958 100644 +--- a/modules/arch/x86/x86arch.c ++++ b/modules/arch/x86/x86arch.c +@@ -165,8 +165,9 @@ x86_dir_cpu(yasm_object *object, yasm_valparamhead *valparams, + yasm_error_set(YASM_ERROR_SYNTAX, + N_("invalid argument to [%s]"), "CPU"); + else { +- char strcpu[16]; +- sprintf(strcpu, "%lu", yasm_intnum_get_uint(intcpu)); ++ char strcpu[21]; /* 21 = ceil(log10(LONG_MAX)+1) */ ++ assert(8*sizeof(unsigned long) <= 64); ++ snprintf(strcpu, sizeof(strcpu), "%lu", yasm_intnum_get_uint(intcpu)); + yasm_x86__parse_cpu(arch_x86, strcpu, strlen(strcpu)); + } + } else diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index abaeef4db3..4fb1aa3552 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -14,7 +14,8 @@ SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \ file://0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch \ file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \ file://0001-bitvect-fix-build-with-gcc-15.patch \ -" + file://CVE-2023-29579.patch \ + " inherit autotools gettext python3native From patchwork Sat Nov 15 18:18:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 74741 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B056ACEB2FC for ; Sat, 15 Nov 2025 18:18:20 +0000 (UTC) Received: from mail-wm1-f44.google.com (mail-wm1-f44.google.com [209.85.128.44]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.13938.1763230694448700282 for ; Sat, 15 Nov 2025 10:18:14 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=A5AmvA5x; spf=pass (domain: gmail.com, ip: 209.85.128.44, mailfrom: skandigraun@gmail.com) Received: by mail-wm1-f44.google.com with SMTP id 5b1f17b1804b1-47774d3536dso25078645e9.0 for ; Sat, 15 Nov 2025 10:18:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1763230693; x=1763835493; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=GVhwjOctpXnmXWjS5GU2u/0T43VaMuY7w++ucv3XM9w=; b=A5AmvA5xnf6IxpdLC9c1+Ct9uVzqVvwyiSXRCzCMw4jVeW7nopv7dD7rb0yEfjoAef xFKMK2mlsMYnOi37qCW1yf1K2hoJmfmGD7B1T+stKDRBvkbew7/KJHAaWAH/Dxd4xWLy sLynpKl5g9kXsvUoRzw41ddPHNuc9JcFnFhcXUq5oPh0chd6RFvNmmqr50casLLkKjXl +f3FtLwKzjSMQmpnwgXRXQO5P2l8kncjRzgRsMhzsJgI3xtUppgTtYsBVg4aa8hXbLyn nrr1CuAEc9GobLOs4CNpzJR1VO1BXfVUvJoC2SjAwH1scUwEcmQ+2DxkpqqBzMYFtyS8 MnuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763230693; x=1763835493; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=GVhwjOctpXnmXWjS5GU2u/0T43VaMuY7w++ucv3XM9w=; b=pN6ixjn1niNWPfbtF6hVljC8n3sgJVIqxgF+xeOyVku8rK98IaVTAL7GXcD9ek4Ac/ /Ut12618nhKVDs/WZDQHdkFLXTSoDGdJlxEjSG1desXySj3EB+YWHplqK/3NANYXEmXD 6rpKjHilpHOtvMq9nwmj3D6Ql+JGLG/sJhRycXBgTZV4h83BW0yoGbqzOnUK1AH6vbue 61c/ju6isa6LimQcV0ufvnUaoPRH/enq/wy3GXBHYaeO03vaNGZqegZ/pRtF9vH/P/om 1GcIHzbI1OJSamfVP6X9p/pJkf9QIUxpm0ZSsKYs3mRma/o/xXktdRXGQw0J38/MgHIz ia1Q== X-Gm-Message-State: AOJu0Yy63I2hcElIGHmEAuNdetIPxO1H0I33CpMf9k1rp95fwHmJqRgS x4ricjZFaehdd7MLMSIRyQUKPkdoRcrNn9T+fZmC7YI5RH9ttQt4QqzvjLp4AbYK X-Gm-Gg: ASbGncvRThVF0Hvil9ATHpdwqScBm3516UPuuZiPrCeQ55BcMmoGDAcP/eFI/clBX04 fqW/xl6qYTR4HeB9mROQYHlWuy5Nff2GJPxxjaADgjDciHWHE9Pl3k/Uaq15gmbppUi3uoPJOkv 7H7bYcKCqdKP2KWR+pXQuGxbTuv/jJTIWEFYHM97+lHLbAZ4McO5qtFHk54/3tsAzAaSsxMPgKt YLFjJWJeFuIYDKoXbqPigWfSYMN8Tqp6L+Zxvbnq8Np7ytYmSuTyAsUMn0s5m9dIpC0ZpAwrj/C Gh+Iy7s+bAEbHP72XXOZUfz/FyCHpjaqg4JJuvBgu47nh745xYGmFlD/SKoXf19LHfveo6iRRpL CYOvfNtfi4Ca3FCekA1j/zShCMhxabOv40S7qwJQ8CkMXkvXoOVNX0J91Oz1BDBgSO8ve6QIYoH iXG2A5MHs+ X-Google-Smtp-Source: AGHT+IGA+qj9ppH/L076dqNlF4wNKS/s6skgGC2spJSZ6+Qq47mCmP9ZeR8flWBHfM7lnjzcl0F/OQ== X-Received: by 2002:a05:600c:3586:b0:477:7d94:9cf0 with SMTP id 5b1f17b1804b1-4778fdb36d5mr75137455e9.12.1763230692511; Sat, 15 Nov 2025 10:18:12 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-42b53e7b12asm17344186f8f.10.2025.11.15.10.18.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 15 Nov 2025 10:18:12 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][PATCH v2 3/4] yasm: patch CVE-2021-33464 Date: Sat, 15 Nov 2025 19:18:09 +0100 Message-ID: <20251115181810.1262158-3-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251115181810.1262158-1-skandigraun@gmail.com> References: <20251115181810.1262158-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 15 Nov 2025 18:18:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/121740 Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33464 The patch was taken from Debian: https://sources.debian.org/patches/yasm/1.3.0-8/1010-nasm-pp-no-env-CVE-2021-33464.patch/ Signed-off-by: Gyorgy Sarvari --- .../yasm/yasm/CVE-2021-33464.patch | 34 +++++++++++++++++++ meta-oe/recipes-devtools/yasm/yasm_git.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33464.patch diff --git a/meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33464.patch b/meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33464.patch new file mode 100644 index 0000000000..ebae250ff9 --- /dev/null +++ b/meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33464.patch @@ -0,0 +1,34 @@ +From 3c3f968d48d768c1e355199d4067d99cb72abc26 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari +Date: Sat, 15 Nov 2025 13:30:12 +0100 +Subject: [PATCH] Handle file descriptors with nonexisting env names better. + Avoid writing past allocated memory. + +This fixes CVE-2021-33464. +Author: Petter Reinholdtsen +Bug: https://github.com/yasm/yasm/issues/164 +Bug-Debian: https://bugs.debian.org/1016353 +Forwarded: https://github.com/yasm/yasm/issues/164 +Last-Update: 2025-04-30 + +CVE: CVE-2021-33464 +Upstream-Status: Submitted [https://github.com/yasm/yasm/issues/164] + +Signed-off-by: Gyorgy Sarvari +--- + modules/preprocs/nasm/nasm-pp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/modules/preprocs/nasm/nasm-pp.c b/modules/preprocs/nasm/nasm-pp.c +index 512f02c3..f9f92dd1 100644 +--- a/modules/preprocs/nasm/nasm-pp.c ++++ b/modules/preprocs/nasm/nasm-pp.c +@@ -1815,7 +1815,7 @@ inc_fopen(char *file, char **newname) + error(ERR_WARNING, "environment variable `%s' does not exist", + p1+1); + *p2 = '%'; +- p1 = p2+1; ++ pb = p1 = p2+1; + continue; + } + /* need to expand */ diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index 4fb1aa3552..9bd81c1dfd 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \ file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \ file://0001-bitvect-fix-build-with-gcc-15.patch \ file://CVE-2023-29579.patch \ + file://CVE-2021-33464.patch \ " From patchwork Sat Nov 15 18:18:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 74743 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B649CCEB2FA for ; Sat, 15 Nov 2025 18:18:20 +0000 (UTC) Received: from mail-wm1-f44.google.com (mail-wm1-f44.google.com [209.85.128.44]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.13794.1763230694903370341 for ; Sat, 15 Nov 2025 10:18:15 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=cG9d1fk9; spf=pass (domain: gmail.com, ip: 209.85.128.44, mailfrom: skandigraun@gmail.com) Received: by mail-wm1-f44.google.com with SMTP id 5b1f17b1804b1-47755de027eso22138195e9.0 for ; Sat, 15 Nov 2025 10:18:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1763230693; x=1763835493; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=OjI7vNmfIBdwqxM0xbAYMtXyPBX+KTstm1OaAYnKrK4=; b=cG9d1fk9QvMVwnWdMOHnoVHlHWNA2X2cF1ctEE9atktuYla+LbLocarr3PTY9TsdEF sf/tRcq3MwffRlOWUzedU+T6rFUxZEBmmtIggTukrM+1JirbpVu3JSP1dvqUGHtzGrQn RvStFm8iMmcMFA1Z7WLhiDRgiQo8fU0UstVHtrGGkZWpmqnhcw+n8j2PqopnuO3og7kj PHiPrlamI7/B09BN2w0EAM0ASaXWxHdTOyKTE4W/0ygn2HLf26grCC4hBvUD+6FUz0oo 8Urhtu5OHd6foIphS3qn0WBF0n3SnWbge9ZR45dK+oNu/OVcBV+GxNhd2IoGQrC3oZCl eqPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1763230693; x=1763835493; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=OjI7vNmfIBdwqxM0xbAYMtXyPBX+KTstm1OaAYnKrK4=; b=X3AfpL4LRr/cLHWgqHjrkM4eNk7vK3lKPFcKHGbOhFW7mcg520b8KWLtfmQFCi3Rau MI1ox5n2ULHllEsO0SmP4MhaQZOl3ptE7knmlZfpDi5PG+lVf4h2TRfY3ASaci7Xc6HP f1yvSAFzcLbLY6pa9eN2EJyE31x938K7rzwKKZSQ2pgUkH2Dqe96133NzGDsEm/SEZeb +4JnYoNGze0RYbqaFf/mq6RA4NRe5OG+UP5hRYMoZBgOruqO5pA6P3S/fKjhJTUGOkuQ BC556p+nqcAS8ebLvrgoK+PkVT+Eq8aD86idMY6P4oBH9E9z6n+E+CG2YRBblSrRQxst r9hQ== X-Gm-Message-State: AOJu0YwdyKj5wmWLu1/FKDFdXtywXG78bUt2RbQrcE6Q+LMTCjJ7Vo3L h1Axycx6nHYwFz0jhabI5qfbtFK7Qt4pviYG2+c3dIQH5WygO4PL//91Qz2E9Mfn X-Gm-Gg: ASbGncvMMcuI4RNlxbUfFtrV4DlDZJXJWoeUYNpQYTHLgz6WGayG5yQeMALFY6ytabt 9FbVYFCYiP9b5XoW1+OQQIFeQW+7XytzibC2EYkd23DtsKUyw0sGFnnp7QK6CgTQemMBl8tlTCA DwXFjzuJZJffrA2fix7O07IDA/MUdE9PAidU/vNabUtCUQAZOCVzksnyxOz4BzPuwfCxVLrc1Da lb+fQCFwY4PHSUp86OUI5jQonO0QSp5cPBa7CPcP3FXgRjylcgCyM5ZOHXLSX5qkG0xjAESI+dp H3v1sNT2tjpxRsbMNM8AHjhYxt/bwm6xZcUxWh7iCmK+Fqo7UkKQmGKqpBr77R8lDmzzhcJSDQ6 JAjJfx5ZdzqSX6wv8J6HDvpXfOo2TiutqZ5B9agPTixeH/V4AGf9JMGsD1tPbxI2XpMuJRio3HL wGc6z+t3KQ X-Google-Smtp-Source: AGHT+IHCMxJhDSyx44DzLD292lXAmZkqUROS95waKB5htZEGSYZ9vp1Z463wYBGFByZ1oCYU0BTZIQ== X-Received: by 2002:a05:600c:4f0d:b0:465:a51d:d4 with SMTP id 5b1f17b1804b1-4778fe41c75mr68981025e9.6.1763230693222; Sat, 15 Nov 2025 10:18:13 -0800 (PST) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-42b53e7b12asm17344186f8f.10.2025.11.15.10.18.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 15 Nov 2025 10:18:12 -0800 (PST) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][PATCH v2 4/4] yasm: patch CVE-2021-33456 Date: Sat, 15 Nov 2025 19:18:10 +0100 Message-ID: <20251115181810.1262158-4-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.2 In-Reply-To: <20251115181810.1262158-1-skandigraun@gmail.com> References: <20251115181810.1262158-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 15 Nov 2025 18:18:20 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/121741 Details: https://nvd.nist.gov/vuln/detail/CVE-2021-33465 The patch was taken from Debian: https://sources.debian.org/patches/yasm/1.3.0-8/1020-hash-null-CVE-2021-33456.patch/ Signed-off-by: Gyorgy Sarvari --- .../yasm/yasm/CVE-2021-33456.patch | 35 +++++++++++++++++++ meta-oe/recipes-devtools/yasm/yasm_git.bb | 1 + 2 files changed, 36 insertions(+) create mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33456.patch diff --git a/meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33456.patch b/meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33456.patch new file mode 100644 index 0000000000..2340d8ed75 --- /dev/null +++ b/meta-oe/recipes-devtools/yasm/yasm/CVE-2021-33456.patch @@ -0,0 +1,35 @@ +From 1126140b8f5ece18c58640725f0e4c08e5ec97b0 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari +Date: Sat, 15 Nov 2025 13:34:15 +0100 +Subject: [PATCH] A potential null pointer difference is that the return value + of the hash may be null. This fixes CVE-2021-33456. + +From: lixuebing +Date: Mon, 25 Aug 2025 13:51:28 +0800 +Subject: Fix null-pointer-dereference in hash +Bug: https://github.com/yasm/yasm/issues/175 +Origin: https://github.com/yasm/yasm/pull/290 + +CVE: CVE-2021-33456 +Upstream-Status: Submitted [https://github.com/yasm/yasm/pull/290] + +Signed-off-by: Gyorgy Sarvari +--- + modules/preprocs/nasm/nasm-pp.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/modules/preprocs/nasm/nasm-pp.c b/modules/preprocs/nasm/nasm-pp.c +index f9f92dd1..473d98c1 100644 +--- a/modules/preprocs/nasm/nasm-pp.c ++++ b/modules/preprocs/nasm/nasm-pp.c +@@ -1102,6 +1102,10 @@ hash(char *s) + { + unsigned int h = 0; + unsigned int i = 0; ++ /* Check if the input string is NULL to avoid null pointer dereference */ ++ if (s == NULL) { ++ return 0; ++ } + /* + * Powers of three, mod 31. + */ diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index 9bd81c1dfd..6ddd94621a 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -16,6 +16,7 @@ SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \ file://0001-bitvect-fix-build-with-gcc-15.patch \ file://CVE-2023-29579.patch \ file://CVE-2021-33464.patch \ + file://CVE-2021-33456.patch \ "