From patchwork Wed Jul 1 15:04:31 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tgaige.opensource@witekio.com X-Patchwork-Id: 91513 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4390DC43458 for ; Wed, 1 Jul 2026 15:04:56 +0000 (UTC) Received: from relay-r17-hz12.hornetsecurity.com (relay-r17-hz12.hornetsecurity.com [94.100.138.217]) by mx.groups.io with SMTP id smtpd.msgproc01-g2.47340.1782918292693970145 for ; Wed, 01 Jul 2026 08:04:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@witekio.com header.s=selector1 header.b=lLqxZMBh; spf=permerror, err=parse error for token &{10 18 spf.hornetsecurity.com}: limit exceeded (domain: witekio.com, ip: 94.100.138.217, mailfrom: tgaige@witekio.com) ARC-Authentication-Results: i=2; mx-gate81-hz12.hornetsecurity.com 1; spf=pass reason=mailfrom (ip=40.107.159.87, headerfrom=witekio.com) smtp.mailfrom=witekio.com smtp.helo=osppr02cu001.outbound.protection.outlook.com; dkim=pass header.d=witekio.com header.s=selector1 header.a=rsa-sha256; dmarc=pass header.from=witekio.com orig.disposition=pass ARC-Message-Signature: a=rsa-sha256; bh=fsDWWIjyGljet+d4855tH1CyhONoe0T+VTozQTJ8ZkA=; c=relaxed/relaxed; d=hornetsecurity.com; h=from:to:date:subject:mime-version:; i=2; s=hse1; t=1782918290; b=LP5Efw4hWOKbhkxcUzcNZoA5pFkj7ECmBRFh9SamZjeSw/fIN3GXKtYM64Zz7gkFEy6L6NrC PDO2q9p1MqrVb7SJ3N8MAMx9uEk4qC2M48Lowmy0ZOtf+r6lp072QtHAXXMxuxcjcBuxJVyJ1yL iPDkfalfdnnS2bcgZjev8U1Sgh6iwtDfFUCe8WvTqKknspK7Q/OCAhT5/R+FAf4K2HNzD1iwzOH YAyJbFgpgMsZpevhuvhZGVu8qAMhn1p889WWbFHNHXGU8m0+PGM0xNCo6PNIiCiVafBpZHrWfp4 PHuG8wuhqS7QWugE0NIddaSyLI3Mn5ZFOn+Vl6g1LAF5g== ARC-Seal: a=rsa-sha256; cv=pass; d=hornetsecurity.com; i=2; s=hse1; t=1782918290; b=sj6SdakRmXiE4wiKiiICPb/Y/AFn+lzD6KwCTf1JogH3HN6yBpxtOGpE6DfzjnWiFJZO0uf9 wJLdgL3e/j7zh6l34Cw/AUkxfSf3PRO30w+L0uGjBDNyO0WNUVwMrMixgSF684DpI4s7lupOUgT ZmaXaC6NRCuVHKYwd3B0r2bqg/JaFMcZaWIa0i2j6B4dfmbcf+p2W3z4hNe9t6FvIL0xAGCSGeQ ovXSpQifzzKOiHg7B/KuuiGc76IHfuafbqPJZmPYBU/nK9a1LxWfvPWrkulQx7JFbEeKWQFkuFK b5y8Yhznq4R+tw/liUjXEhAG9OGIZ7wvpslYqOQnXsWgg== Received: from mail-norwayeastazon11023087.outbound.protection.outlook.com ([40.107.159.87]) by mx-gate81-hz12.hornetsecurity.com; Wed, 01 Jul 2026 17:04:50 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=FtyW9+kX8/AGN2Jpie79SrcovJV97ryKhUQE9kW4hU8AGjTVDH6gfHh0UUacy+0pjsvyfKQbJSbDxWSO/J+SdFK67fgx+3cDT7ignUBaqjS6p6bG29MXi36LJlM4DUi6f/SyVHRsx0ADIGNL9UA4QnhzrFGtIQSS6HVOg2GA50pYeWmlN4xaO2JwVjacx0H/wzEowk+dXMP+z1YC6NuO8TvHsgo2OzfGbP0756J5OueIDVLPNbDDKyNVRD9zhi/ZuCWZy4PO2YRKAaqMreQYYQ0XlnjI9zajVUjXBR7qFreI/gLFY6a6zQngyV0TkNWDYDG3ek0seAXnQW8GA4S/bg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fsDWWIjyGljet+d4855tH1CyhONoe0T+VTozQTJ8ZkA=; b=juXhWkeFMjl/Pphu8nMbX+DQGg77yu8Tz58BZ1yFZU47EjWeFpRIZ+ADDEhqaNQOwTYGGeFjcd0JHzX1R05aGr87OYvt5IkJqfPL8CVFK5I6DQlS1nRW5tW5KOjsiZMpinRTdkcgO6GBZwWKTb4K9+p2sLFU96Hu9Bl4VUHbMWLCLr5un84r+6MO2UwFg9mjGCnIV4i8ENBxM+yliTh4hb0mKr8zkwvP1phSyilfx4W9/IQQ4687pUDwMrO6UUYTtQlw+F6QmqHsERv1eiDtRI0VFUs/Vr6mSpYv4fTX4yRsRsEURp1fXmQOSHoTqWlqmJ76Ak9CIT90EL2gL1fMvQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=witekio.com; dmarc=pass action=none header.from=witekio.com; dkim=pass header.d=witekio.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=witekio.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fsDWWIjyGljet+d4855tH1CyhONoe0T+VTozQTJ8ZkA=; b=lLqxZMBh52ea6CXibJNVFnOzo6MklpCdsJ4g35AjXRD0zmM0d8QR1D55HR2OIobwb5i6WUzXZvGu0AHy6MDlrkJEXO8NDRKrwY33T2AspOhzRSug7oHD0QKmyFOonV2RM/GA6KIF6RSK3WB9Az9x8sRt4EGjE0N4WI4HFEaOOBkF4j+cH3MZPWcl9MA6+yynVIlbOU+YgE7uSWbLVaGGw88K54jEalR0MsIo5XJ/t1IEp1X2nBXGJZadkmkSJAFXDZuW5Fb3+RaF1A0tbFjBj0V9LM9nyk9mlXhrDz0otucKe9P3s6cAATkD7tpqJNHVXu+adBDLMGaNV87PVdOcfg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=witekio.com; Received: from PAXP192MB1405.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:1ad::24) by GVXP192MB3339.EURP192.PROD.OUTLOOK.COM (2603:10a6:150:2bf::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.159.13; Wed, 1 Jul 2026 15:04:43 +0000 Received: from PAXP192MB1405.EURP192.PROD.OUTLOOK.COM ([fe80::a160:226a:5870:e1d6]) by PAXP192MB1405.EURP192.PROD.OUTLOOK.COM ([fe80::a160:226a:5870:e1d6%5]) with mapi id 15.21.0181.008; Wed, 1 Jul 2026 15:04:42 +0000 From: tgaige.opensource@witekio.com To: openembedded-core@lists.openembedded.org Cc: hsimeliere.opensource@witekio.com, "Theo Gaige (Schneider Electric)" Subject: [scarthgap][PATCH v2 1/3] dhcpcd: patch CVE-2026-56113 Date: Wed, 1 Jul 2026 17:04:31 +0200 Message-ID: <20260701150433.3889478-2-tgaige.opensource@witekio.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260701150433.3889478-1-tgaige.opensource@witekio.com> References: <239971> <20260701150433.3889478-1-tgaige.opensource@witekio.com> X-ClientProxiedBy: LO4P265CA0093.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:2bc::18) To PAXP192MB1405.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:1ad::24) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PAXP192MB1405:EE_|GVXP192MB3339:EE_ X-MS-Office365-Filtering-Correlation-Id: 05ee7830-0132-4a61-26f1-08ded78214cb X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|23010399003|1800799024|52116014|376014|10070799003|18002099003|22082099003|13003099007|56012099006|3023799007|6133799003|4143699003; X-Microsoft-Antispam-Message-Info: /30IkgCfWrgzuDBPYAK9qTHXK4W4Gy3R2w8DBAd6KCcUSrLhKmvCS9NPrHQFhLn/4He+tYbtIXBuaRDzkf0Bk5UAOF/g0EZSzUGyZSjJ3q35EUnYjzv4X1pk3x+wZMV5R5Syjmw7XNLBVrDPpS7EO2iECikyCtFp2pV2IwgMFCMOg3Qf2WfS0ogBR3J1zNVwjKh+56ir+8JhnqLWthrTROUvb3MFpMN101gNv5LA1TtoWr2AWmBy7h1OYcUMk74jm+GRdWjcldFZMZyMHhX2iK7qu2KFWhGkJY1ilzqudRerg3xUdOhoYxdFg5brtBltT5ndKWYnwi3Bm1mgzxsq7pwbuqiiK4Q0YurOJKUCjPBSkkXC6YIJDVIt1wdZSq7cG/GQLLd0DA1cc3JLrjm1aCf8xQBiEyQKfVttvIUV6cvInMqy9mxQq9KM4/uPGVr6XDDF315Znq0j9qkamrSsWpj/Qp7akR9RjOJaGhRhGqrqOaXRNk7MRTq1Mw3iLjOMNP9c1QL6Yshiwu5clVWLfBPBICPixF0jXtdFo4u+aoLNrc9r2HuBE6fRK0AKz0JF2MjPf9xfsy4yVtACpkvGiH0mmvZszU6icp3nUe4XzfXtbsagi5xaNZLGzJ9H1kgBN9A1d8jppNxkPU1M/ltigeUTxvh/57rzTwOOggtJikE= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAXP192MB1405.EURP192.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(23010399003)(1800799024)(52116014)(376014)(10070799003)(18002099003)(22082099003)(13003099007)(56012099006)(3023799007)(6133799003)(4143699003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: 9YnYV3YfY6svuUE++SgoqyXft5jYVxrgv25kRObbDHU1wKTut+NvOd+YqpHdfnk+6KNiRUeejsHPL8nrcWaCOBx7p289xBIxKoUQU/UIW41xLS82yZiOkqspj+YeMX4bs9BfOq++vcgJuedXaValSzjzz5P19XQj9+vwUHp9bgFnUjBIvaj55AxzXXHGVKqYZlLZ41yBLAjuPPcU+wual1jatoa7m+SSkbTJ8AAjkQRW1+u+C9nDeRz57Wjemb7jqaTLw9n+Y0MOFuedhrgjp1a5atmiFHGXiA0ryGRSIRXoiEfRsxaxJcgMlqblCWaGms14K5c/9CCXP5yrk0N0b6zaMZg72xq7dZU2k4QYpFCcUyTeh31JS0RKJncK5YcDWcOw/qjbKdvtjMybKeIGMMqEGr9YvqOCgj7AOCrgsYzNDsA/NEVUqFU9OGqFfwuVIULm//0S+xfRi0CE4vcxmHZXtj8eP6gvH1/NPXoKDSHaMz02Vv0iQzq2qIVJNpE/hMsaw1ae8YaLI/66yYSElkvQHx3vCtuhXUHR9ESZNt53IAHtObeW1bdiCFuYzMzfRue/Tx1jvNKxEQP/kcvPqKS196y3werf4k8nWvs6Yt5dmeg0ZwEke8q0IZKVuEIRvdzzltmeERK5feWY+aDWYhpdPyCb3kylvd25jj6Rzc+dy5eo5S5U9U2j8RsJnLag2G5PIUXuaSh+iAgdEG6PW16TiU82rv6oZxIjJi5o6HgPhYqzhNQFz9UyAEW0E8znFcsYVO1l5sIhzVBPIVVKQKNRHuZtAMj9M7bDeBg12JePe4GI/fUqiBF1NDXDYlBhqgmc+GNoV0o93Ks1A9zGhv19h0CFopL4+qH2JqkOxCmGh530kUELViylU3bJJpYrXKMRuXWISGZSDVamJCX78bklDTk/vfr5NRrhX79ePwAJahXBBFKcyX+acn4y71bMFPJT78T6swLQy7nx99hD6aDX7EKYd2fEifLZX7uvhBtnpLkbij1q0Itp1YLfwUDBdwDhTwV63vychFIvz0yVz3K25GYcl/9X9Ko3kOnOiZ877mv8+V78xeoJWPXAMpxkn6L7uK/mYuG48W0MAM13TbxPTlVKj8c4rlIyHt1qtZdNc9/qNj9W3HAoRe8WhGVictHdnYPeIG9mbHVZLmb5sQA9NuWVvoOuzKCZYXvxRhacFG8+51SFw0vt9TCdITc15xR2h9hc0NDEtKxJXnK9i5dXxaXXOq5EN4kUsYYgXMlbPHzxEmiyG3LJB07PMXex2/Vwec/OZIY9DJz7jx7DIENyxPCzAAsgfTUty3rLPfvdSuYnKpc/iaqHcFDuQTxFho8GT+vBJ8JSW+m1hlAIOU5YMxkNQ5HfRktZfBJCr7s5ORgXgr/6vGgC3vMx37yUezK7EGge738zeLEmDJEjJloxWb2LDNXmhIs2LTSzG4993zBb8nLDM13r/yDMjDyb94UXdEgG7ZXxdx0D6mal7hM/kQLi7b44IlhgoeK6YCYEpyNbxtKGRnbgV3BrwYm4lJRADhtf1QA4AFymQm+tmc7Gs1UcKhvHLkuaHCe0AKF77COWcmrKWR2DJsGr+/RvLnsXzib7bN7xngLJJNvokC3tg2mSYCSB/12kM3511iouasl+oqd1TmzB3X+NdAJAQdGcUZiz+uAp2DXnHZtkSN7dLjgemDEPju8Y2q7AmHh2QDhzcpg47Q5v1UwDl48lAXcDUHYKktXuGl4qXkprp4RFe5Ru93bSrDT+66eAtdBS1Z/DBXzjXvDUH2GzD3q19qbWTRkj X-MS-Exchange-AntiSpam-MessageData-1: RcTlKfmnkLa+nQ== X-Exchange-RoutingPolicyChecked: pelQWlKGTAP88DhF4cevJE9mPM2rz6rIOWatSUmZx+G6/av2yvcJFf+sVixD+l6xojnOyM8ongagabpYtIgcCpgZ6P/FOcwqosqlY4TlRDd3UBzlwjm6iHVoRUUfXkshbCD/gYjXJawl4lBKsP19r47FKxCeG00CizKuO/LKNo8fOkI6sklqaiJzUGqpmedblxfGUU8DDfdVV3uD9Dx5U4Y4RDmysB9V1rkO69amCqKf61pyuk6tS2NP6QGBIdbVYO00VIBPK6PbfsK1kYlyB9i7XcGqiK3YC7uQ9YjArXexTiBbfV4NsEjoOkCkVOheYHyo8CjmjoBzBxOpXRwSqQ== X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: eFTHBCw5TQpEuj9qKW5kMOreEL53UMxhNHqaiOmmnAn95JYn0CdX53i5gEaMWF7RMCI/892lMmye20grVmY15sjXXngoyXGRCayC+6k8KqKuTYUnXHEnkBN3Oc7qnk+zxmGRTubjCWhRa+aAQwFne8b6Bhgkc4ltBGGb8mfQJwcc32R2ANYvl0OtxkuY5jL/YDP6gVpHHNY7+1Jda2AmT/BwtRG14OTnVb3pB2BavyoizRhnsgeI1wAp6NQ59SY8qCknUOD13Shkip/G2JWQ565U6bOJ4ZXyYiJ9eZsPv7BHnNdIkC3ObKS/IVl6rZ0Hknu4Dz6lJQMacmyydEOyr7pr0o8XR072dcA7CbJz5UO42xUe71iDZrJn74jRQ0M2b55NKmvAvPWJ0Z1kcMlzD1gmYDJ5Ll9CJHz/Jr7mjeQsQKgh++FilbiMih4kzMAcFRmjdzCVN2Z2LmouB2HH9OIxM6ORUKjuUokBuwAqg2S30pHHFtbYHLtwE3nhakBJco/Or1KwFi1SOHu6oJvvI3VZrzQPnc6rW2EHRKcyLUxnNFfft2ze1xT64oY4l9FEFdRn45woVv/IQk7XqJ/yl7kFXsNlRRrG/lGCOPnkLsQqUzWFdoF0OMA8hBVjSFtn X-OriginatorOrg: witekio.com X-MS-Exchange-CrossTenant-Network-Message-Id: 05ee7830-0132-4a61-26f1-08ded78214cb X-MS-Exchange-CrossTenant-AuthSource: PAXP192MB1405.EURP192.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Jul 2026 15:04:42.9012 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 317e086a-301a-49af-9ea4-48a1c458b903 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: G+dQF4TAJxDVQE+anNC8Y4l72KB59nkfhqb9lAhWfvtnKcb/IXn6SA36tCRoL1qECWJZRxxRi9pAaF5RX9o12Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXP192MB3339 X-cloud-security-sender: tgaige@witekio.com X-cloud-security-recipient: openembedded-core@lists.openembedded.org X-cloud-security-crypt: load encryption module X-cloud-security-Mailarchiv: E-Mail archived for: tgaige.opensource@witekio.com X-cloud-security-Mailarchivtype: outbound X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mx-gate81-hz12.hornetsecurity.com with 4gr3G72L8Fz1PKdp X-cloud-security-connect: mail-norwayeastazon11023087.outbound.protection.outlook.com[40.107.159.87], TLS=1, IP=40.107.159.87 X-cloud-security-Digest: 538134fd91f3767a137b8642f2cff062 X-cloud-security: scantime:1.064 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Jul 2026 15:04:56 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/239985 From: "Theo Gaige (Schneider Electric)" Backport patch [1] mentionned in [2] [1] https://github.com/NetworkConfiguration/dhcpcd/commit/5733d3c59a5651f64357ac11c98b4f39895c8d25 [2] https://security-tracker.debian.org/tracker/CVE-2026-56113 Signed-off-by: Theo Gaige (Schneider Electric) --- .../dhcpcd/dhcpcd_10.0.6.bb | 1 + .../dhcpcd/files/CVE-2026-56113.patch | 92 +++++++++++++++++++ 2 files changed, 93 insertions(+) create mode 100644 meta/recipes-connectivity/dhcpcd/files/CVE-2026-56113.patch diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb index 6bde9b1f51..65dcbe52ec 100644 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma file://dhcpcd.service \ file://dhcpcd@.service \ file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ + file://CVE-2026-56113.patch \ " SRCREV = "1c8ae59836fa87b4c63c598087f0460ec20ed862" diff --git a/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56113.patch b/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56113.patch new file mode 100644 index 0000000000..6727bc1a69 --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56113.patch @@ -0,0 +1,92 @@ +From 9f953ada0df6e7a568f006f3ae0ff10a77a95924 Mon Sep 17 00:00:00 2001 +From: Roy Marples +Date: Tue, 23 Jun 2026 02:17:10 +0100 +Subject: [PATCH] DHCPv6: When deprecating addresses, restart on prefix + deletions + +As that might invalidate the next address to iterate on. + +Reported-by: CuB3y0nd + +(cherry picked from commit 5733d3c59a5651f64357ac11c98b4f39895c8d25) + +CVE: CVE-2026-56113 +Upstream-Status: Backport [https://github.com/NetworkConfiguration/dhcpcd/commit/5733d3c59a5651f64357ac11c98b4f39895c8d25] +Signed-off-by: Theo Gaige (Schneider Electric) +--- + src/dhcp6.c | 21 ++++++++++++++++++--- + 1 file changed, 18 insertions(+), 3 deletions(-) + +diff --git a/src/dhcp6.c b/src/dhcp6.c +index bdc3664e..5154bf41 100644 +--- a/src/dhcp6.c ++++ b/src/dhcp6.c +@@ -2480,12 +2480,13 @@ dhcp6_findia(struct interface *ifp, struct dhcp6_message *m, size_t l, + } + + #ifndef SMALL +-static void ++static bool + dhcp6_deprecatedele(struct ipv6_addr *ia) + { + struct ipv6_addr *da, *dan, *dda; + struct timespec now; + struct dhcp6_state *state; ++ bool freed = false; + + timespecclear(&now); + TAILQ_FOREACH_SAFE(da, &ia->pd_pfxs, pd_next, dan) { +@@ -2511,11 +2512,14 @@ dhcp6_deprecatedele(struct ipv6_addr *ia) + if (IN6_ARE_ADDR_EQUAL(&dda->addr, &da->addr)) + break; + } +- if (dda != NULL) { ++ if (dda != ia && dda != NULL) { + TAILQ_REMOVE(&state->addrs, dda, next); + ipv6_freeaddr(dda); ++ freed = true; + } + } ++ ++ return freed; + } + #endif + +@@ -2523,7 +2527,11 @@ static void + dhcp6_deprecateaddrs(struct ipv6_addrhead *addrs) + { + struct ipv6_addr *ia, *ian; ++#ifndef SMALL ++ bool again; ++#endif + ++again: + TAILQ_FOREACH_SAFE(ia, addrs, next, ian) { + if (ia->flags & IPV6_AF_EXTENDED) + ; +@@ -2545,7 +2553,9 @@ dhcp6_deprecateaddrs(struct ipv6_addrhead *addrs) + /* If we delegated from this prefix, deprecate or remove + * the delegations. */ + if (ia->flags & IPV6_AF_DELEGATEDPFX) +- dhcp6_deprecatedele(ia); ++ again = dhcp6_deprecatedele(ia); ++ else ++ again = false; + #endif + + if (ia->flags & IPV6_AF_REQUEST) { +@@ -2558,6 +2568,11 @@ dhcp6_deprecateaddrs(struct ipv6_addrhead *addrs) + if (ia->flags & IPV6_AF_EXTENDED) + ipv6_deleteaddr(ia); + ipv6_freeaddr(ia); ++#ifndef SMALL ++ /* Deletion may invalidate the next pointer so restart */ ++ if (again) ++ goto again; ++#endif + } + } + +-- +2.43.0 + From patchwork Wed Jul 1 15:04:32 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tgaige.opensource@witekio.com X-Patchwork-Id: 91515 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 33B46C43327 for ; Wed, 1 Jul 2026 15:05:06 +0000 (UTC) Received: from relay-r17-hz12.hornetsecurity.com (relay-r17-hz12.hornetsecurity.com [94.100.138.217]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.47495.1782918295984511777 for ; Wed, 01 Jul 2026 08:04:56 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@witekio.com header.s=selector1 header.b=omScvDX/; spf=permerror, err=parse error for token &{10 18 spf.hornetsecurity.com}: limit exceeded (domain: witekio.com, ip: 94.100.138.217, mailfrom: tgaige@witekio.com) ARC-Authentication-Results: i=2; mx-gate81-hz12.hornetsecurity.com 1; spf=pass reason=mailfrom (ip=40.107.159.87, headerfrom=witekio.com) smtp.mailfrom=witekio.com smtp.helo=osppr02cu001.outbound.protection.outlook.com; dkim=pass header.d=witekio.com header.s=selector1 header.a=rsa-sha256; dmarc=pass header.from=witekio.com orig.disposition=pass ARC-Message-Signature: a=rsa-sha256; bh=DFbFVmeOYDVRJXDRbzO/eDzuE53sd/8FK09W0wLADGk=; c=relaxed/relaxed; d=hornetsecurity.com; h=from:to:date:subject:mime-version:; i=2; s=hse1; t=1782918293; b=ZDOZgEBpx74BGkhvDLTOb8WYZyFwcNkerj9GDF1injHyITuMFTAXqEFRozY4AhUCIPkzJFVG lIO5rJtPYHab5pukoTEzLeSAGG7jmKbIePoZFaXBjm7XAIrFHBeOuJNdCl5bilIx3g0E6M+rh86 9EXOF9Ou9SZwN+AKw9t3DeY4jBEWrRsM8dxf1XqzAPmd2aglV05ZdYC17q2LKwkT0IFRDlRCBT6 HBUbuHuCB4X6gKMgL2aCh63UWcuDA+gueQ8T5e49NZGtHovn/ASZ0/Fg8dnVPfVVgct6E1Y3gbF PZ6uBiFntKGniEbzRB3hAehfhU/Kb6iwg+yHY5iBt338Q== ARC-Seal: a=rsa-sha256; cv=pass; d=hornetsecurity.com; i=2; s=hse1; t=1782918293; b=qas9S3AosN3yKGGOJcHyocHsAXjdKeE28ptL1V4kBDkAUtzlsfUrcGhXXYRns7gLNsdjIuYZ tmjfk7xmhpvx9dTBV3RE1KGxvlQOxYBaGHo05pGJhi3NClTQflpSaQtpRBik5QI3e5jSqjYCnin Y4A2IqDPK0EUOABBMkaMknfsvyAy/mCKbVGBlwTdIof6FX4F2qF6H0rBY0z+8vBejFKOjGrEREm awVEuo5XmGV1H1z47UGDcnURiSnM6kr0tvNm2Obvgwbc7jGuETVp1u8UXulAhEkTB0pNbdmoWBc wLSU0koWXmAg/E+ipiHCouX/lKlCzHS61SEP5HctwkEDg== Received: from mail-norwayeastazon11023087.outbound.protection.outlook.com ([40.107.159.87]) by mx-gate81-hz12.hornetsecurity.com; Wed, 01 Jul 2026 17:04:53 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=SkFQYuiZlEcBUQMZpUR7ntXQJWSdjFJOLKw5Ab2omxoJhLrwmTv3tkPaa/AHEU/y1G2azfeevC+Pbf1GkHGU4NbUJ3XAFrOVDNUv9xhRjJS6j5SlfwJ0FZq3T0sDsyIxVgkKu7CIJJSq79Fn0PLki1F9Ke2nNyFe3na1KAAHXeLM9JCRHH934ZzTDkcNHh4UHzeSewo1GhHYtMHDyC3sY3Hky/nIW06faHvWWEBSiJQm5OvianhWlWL2CLgmdoXvJi42d/rYF0wu6wfCnOHcz3dTsSLd+PQ6uv1kBQbSIrIB7aU6ZXzZLfd+/V+VWrmg28/vIe99wK0c2VsfbDAjKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DFbFVmeOYDVRJXDRbzO/eDzuE53sd/8FK09W0wLADGk=; b=QQroeBiyQEbjRaRYC0awNTJ2M7oj/Omlyb3nWNcsKo5Cl5QwZu+6OyG/aGpyHT2EwXl7ywKhXcgdTVSn4eVXzjLI+Rd8mEGvV9pMaHSn4Qd0XorWmLyFrxHrWjbRc6k8fzh2ctQ8U2tb7T5T67rYi14zxitRNqdOi39iDuaW5xYm0Vq6hzGNr9X3Sg+VO6GjkHIq+BMGsG4X/3cvBFBXOu+m0kaurQ7wqiGKjn9BJQPcFKfQ1OkDQKpQ8vJ1TeF9aIjHwRbNBo0fFWodHMM7ox5nYyVBkaEgOvmcO6yIPErWh608ine8ORoU9QZwKL6JCzPGpeFYHaeQciHB4IzT5g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=witekio.com; dmarc=pass action=none header.from=witekio.com; dkim=pass header.d=witekio.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=witekio.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DFbFVmeOYDVRJXDRbzO/eDzuE53sd/8FK09W0wLADGk=; b=omScvDX/8gsXG8NlD1beoPEXplo9FdxNxfXmN2cTxvWCYSczEeBZFtAvmOKqJxQQ2A80LZ0gzouBPbzTf82Lv8YoQlqAlDFTm3D2DP2ik9ty9tGhySlKpiPIyB+TM0DuGInEG47wYLXr2S/foPYj7Dpbgw9iucKucPjtyW6NRsRFcSuroldKGD9pz4hHOCV+zl7h4tOdnlPuyVmEwR9cceRpsMZrp42K/+fZs/ULTRnLupB4u968wR0t5DpJP1Ffk/57XmQmiV/Bynv4MRqIqr1u0wuSp7SHcVJ+JMnFfftbpMqL3ORL8LtlB4uzSH9gKuhVmFjNuSg+UJEnHCK/tg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=witekio.com; Received: from PAXP192MB1405.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:1ad::24) by GVXP192MB3339.EURP192.PROD.OUTLOOK.COM (2603:10a6:150:2bf::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.159.13; Wed, 1 Jul 2026 15:04:44 +0000 Received: from PAXP192MB1405.EURP192.PROD.OUTLOOK.COM ([fe80::a160:226a:5870:e1d6]) by PAXP192MB1405.EURP192.PROD.OUTLOOK.COM ([fe80::a160:226a:5870:e1d6%5]) with mapi id 15.21.0181.008; Wed, 1 Jul 2026 15:04:44 +0000 From: tgaige.opensource@witekio.com To: openembedded-core@lists.openembedded.org Cc: hsimeliere.opensource@witekio.com, "Theo Gaige (Schneider Electric)" Subject: [scarthgap][PATCH v2 2/3] dhcpcd: patch CVE-2026-56114 Date: Wed, 1 Jul 2026 17:04:32 +0200 Message-ID: <20260701150433.3889478-3-tgaige.opensource@witekio.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260701150433.3889478-1-tgaige.opensource@witekio.com> References: <239971> <20260701150433.3889478-1-tgaige.opensource@witekio.com> X-ClientProxiedBy: LO4P265CA0093.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:2bc::18) To PAXP192MB1405.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:1ad::24) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PAXP192MB1405:EE_|GVXP192MB3339:EE_ X-MS-Office365-Filtering-Correlation-Id: 3b0c982b-6966-4b04-17bb-08ded78215a5 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|23010399003|1800799024|52116014|376014|10070799003|18002099003|22082099003|13003099007|56012099006|3023799007|6133799003|4143699003; X-Microsoft-Antispam-Message-Info: yu2dLx1KM2Mw1X2u3AWJ5DYoGciJryYsRLgJsVsjDcB12Ag6FBbDslmVIXMqovcYeq8bYLQvrmtLX7t8QNyFrSnQ0NK9hnGwBVgoEPQyLGoLIuUZUeHJvHvGMX0cQpXDBq5BnpuVhFDp+IBWyHf+ELKqESVTwftGeVUi+qadzwep2RKerVf+KRreROH8uXM0dLYJzVoP1P4DJvhR6cZ+WprpEeTkWg1WFbvi5Z0VwhgYLEl0X+3VW2wLqPLFa3AQ2NvKidQbVXAs86wCReDTYPXCArwN16Ap6PyfqxMdvkDGruMRVpBI9v/sbH/1gocNBNRzyWIVlctdfqTWxAxFby4YF8fYS6wLH9Hoc+tgN6U+Y8lcCQryLvNNcbpni4BDNkELXiYZeClx9GjS5n3+NL9IO+CE47iRULaYxrvYvDrKOydT1DsyMQHLqIjhvgljhTGWfQ5/PRs6crsKldjF7aNQoUIK0V4UlCYAVDwEBnefHRS3EzjMXurItFQ4J/OYQwUrHemDmTDp8U7vNWp93VvEHHfnAjKyrd/EbJdLhyVIl2VY5+UydV7tu2Xb54MYXoZEhiLz+ngJthIHhO5oSGAfs4elMNyQsJf072qsrjw9Trfc7M0YXFr+d781xIMqeW7JVg8MDsCG5MCblvoVOboGpuGXqV9kaDVJyD6pfCA= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAXP192MB1405.EURP192.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(23010399003)(1800799024)(52116014)(376014)(10070799003)(18002099003)(22082099003)(13003099007)(56012099006)(3023799007)(6133799003)(4143699003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: boHo97o6ryS78l9iTn/uyISo+sMrNjALMp1Gns0Wmu2lEDQvJzuEQH2T4PBej8J8FLZPcGjugZXbdhmVCXnV+igV2jdD3yhabFjmprdOWeqBFtR8OnQ9WOr0uedHp7C3SDkzB/V4rv69GFo0v8hctpLQ8nAH1AJ/pSvmr5yy3QV0GB0CAfVOI1vwwhZw+EAVbaC7HJZNd8yE0dHw9z1rQqPlSv6Ncdkn/1PPmhboMwR8mn9zOROP832d4lQalDqoBZu8NxqNKk5HXDjP7jaU/w0c8Ft+LnHb3YzuUCL7hger9AsK8R2U5gftdskODZr1kfWQXSXjzF0EB/RqQt00oLqOduiqY5lgCXnG+F1B0X8P7DLI6Zn2bjI21TNDeaYeqnQfIqTaEb6unhwLGr2gFAs1WtS+ZClZ/YRwZViX69ncu4MRdKvXqcPzTA7QopQ2KXJGZMC9yEQqTbTqsnkXxmMa5tp+rjgOa+tUruqtYyUEZ7Ti3II5yoMXdNKDMMvbUOioIJUhvYmTxTL8bUL2mPV4MvanX5ri2dvel47fXQM2ldQq7rq1EIx/KLzdfM3jInU0yaH7b98sOTY1KcvGHeLbwAKkdyUMgS602lGLSWsHAlXv4qEHvfzLKgr3bKTqput0Lc1FVeRMVMi/7ev5LBqUFfg0/huVob6y6fTGclR9yuS4w7WSpbH4IVPz8UPQqyKVW84+pFhYBMHJPrJUB6LT/ZWSONJhmoW25iJL7CL0bxITqpN+WOk+sA4WeMqyvpQcdAb86ioxF9PZ1NcIOqIWJ+IMygp22t0Q43jb0vTjosNU9dz9WR4Av5pm0fFy6FvB2IZEAJLlSot81FsyzmuLYSvxpI5D6J8EgkZDmsIa5HVT1T3TmjYEEml6GjhVIi5SMaWgoQQWE7qaU3bMZo/QtbVDNMHNhZJh6qquXazJ5X+32cNih9GTFEdef/SHaLzDGw+qqiLzV5zG8+0KQirwNZ6J5maN0tRse9DjuwSM31/8TpHjzJo5sEERBVAciCoxieicwL70/GC2gRaLoGCCD1TgDj+tsgrIRAh8zwXPHQM9o+l0c5v2S6c32kiHBPveINevh+QcYaS5mZAotSBWVx+Pw1x+XTP0GFkJDWl2016YUQR1npIL8P+xqpC6judux+ZJZ4lVFAJuCghAqMpnhsnL1XIaEVh40iLcixnpdX9/TMIyFWWKz60aH7N2b7Iz7AsIBv4ZyOW6STvYc/dlrPuhIpOmRtrGh/VP6irjI7YHtWNyLaK/uG4XDXr1gm6btyVXgXgKMVKfmGwMRISwvs+LgfuSJajpFp+iLbbjwJpsT/8l4xomGUYEsl+yE7NqtvICteainsIo+vcCtW/+HlPAxHNmlw5C0Fvz63y7nVA5gvBUgiDQgKNcKYPgA/w35TJpMkqLXsfDERbRHeXUD4W0R0KaVTAEoS3me1Tqy6n3y2vzzvtUGjUuI8jOgKxC7WG0vdf8LEth51KUiQ/fLK7BUNuERuEE5f9MPZlw/LqivFPTZ16d+tieSABfvhPu7ADfMLL/bqqGuWwi8hDreNwi07+go13ixbAxNcGg+kU1RA0XTf6DGJrHXGL9iWrGFvehY8GKlfCa3+QmEPnux9j7pGXaX2mixhVRru/YiF87UdE/eH+FifpuNPRmhfN4xhSjTrykB3sI5/i3ji5sPWfB7EzP/Cnl8edFAP9oLURDezBbrYuk0uGX41SeOIB3oachKaZwSUYEo/Ox4RZfp7aih43n3Fy5n12zdJzbaFCrQjP0H8mHDuIdMeSA8qXzgCHL X-MS-Exchange-AntiSpam-MessageData-1: oJnz73/n9T98ag== X-Exchange-RoutingPolicyChecked: MuqB40jsu8gBb8ItpFvTa/YIxkCWhaD14Em2l4E0mMqQn5G/ypXla1sBnm75nO547Z00ZZ8hiPHgGCHILOhM9P2IV2zqL8WDs/dwBO/VvYck1wm4Yc1ZQyr5pwjOGIOhUUjdmG0Q9kOE2uNc6rIZtviRKj8pRtvL3r6fjA8s790w6lA8esyOtQOO9u0iKiUagISFM1Bbqf9Mdl/EB56aJBhRzreYo1qgLFvDGsacx+Yk3wz0WkUgYGYL1sNC4aOK8RqYB96DOv25TXlZIXxYyc3eV65yKnVFZ5TrcaufdgGno+hNU/71LOkDnQIe5XnGEJTtWoGrbMb9KzKRANQGWA== X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: ALBVnCNHNqvDCTShkaMiMHBUNhzzAIv2CcBz2t4s5pseRvu7rNbuab5t7MnRUNCT0nLfVXTA8SNSjRHHk0V7WICorWQseZ9L+fu44xqVFbtvg89u5gQVsOD0rnhm0XmnPBWm2HS2h6VOLUGsOASoMuOjRA741TWb4lYrps74fEUZKPH0LT6/i856KBegFHbBXvn2vU+YxgBV+2dbIeWZKeO9eO3qbhMQTCDJQ3ATTOB55v2BPy0+F8yQOu7cy8U9oowSPb7dtDmHc+y28Hg0LrD6GK0mW4SonJHOt4l07+UYUAED/s6OXLH7jc9xVweH9412W1ZRtF4DLfxrKWrFvzQwVQ28kQUTSMdkw2ngAZtsJ9YAAvuCJIAHE9Vpz+P07RBG6qhg51eQMdq3LjxKPk0AdNXfAbNB1+3DAcxvFu5f3nnrGaJfxdVQHAB09fwr9tfiyXUmzS6U7FQZhBsMyCWdiuEBBlTUHy4ptMyv2xBstUvjl9UGaH2icuCupn6fENu0mgcfXOoz44aJRbmlIC/EPHUUDopoRGyEdDx3fHLCxwFvEWVj3f4Ec16d3yKDPWQKENn1SC6BJOltB6bjf9tWdCwUvp23WPwqQZ6x7r8sYwEY5xQRfAJ5hrzlZ9Q5 X-OriginatorOrg: witekio.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3b0c982b-6966-4b04-17bb-08ded78215a5 X-MS-Exchange-CrossTenant-AuthSource: PAXP192MB1405.EURP192.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Jul 2026 15:04:44.3056 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 317e086a-301a-49af-9ea4-48a1c458b903 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: dUlv4pzJF7Gdav5SZ1o1lnjWNu7ftx0+JAXZ+8V1CnvGM8S1FaS+fbWZvq/fUbAm2eSOKbeiOcY9BiFP7Nc9Ng== X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXP192MB3339 X-cloud-security-sender: tgaige@witekio.com X-cloud-security-recipient: openembedded-core@lists.openembedded.org X-cloud-security-crypt: load encryption module X-cloud-security-Mailarchiv: E-Mail archived for: tgaige.opensource@witekio.com X-cloud-security-Mailarchivtype: outbound X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mx-gate81-hz12.hornetsecurity.com with 4gr3GB4rjJz1PGxB X-cloud-security-connect: mail-norwayeastazon11023087.outbound.protection.outlook.com[40.107.159.87], TLS=1, IP=40.107.159.87 X-cloud-security-Digest: e7c32c49b3a95bec52351131d62a4d5b X-cloud-security: scantime:1.055 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Jul 2026 15:05:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/239986 From: "Theo Gaige (Schneider Electric)" Backport patch [1] mentionned in [2] [1] https://github.com/NetworkConfiguration/dhcpcd/commit/2f00c7bfc408b6582d331932dfa47829c4819029 [2] https://security-tracker.debian.org/tracker/CVE-2026-56114 Signed-off-by: Theo Gaige (Schneider Electric) --- .../dhcpcd/dhcpcd_10.0.6.bb | 1 + .../dhcpcd/files/CVE-2026-56114.patch | 34 +++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 meta/recipes-connectivity/dhcpcd/files/CVE-2026-56114.patch diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb index 65dcbe52ec..bc87b91503 100644 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb @@ -16,6 +16,7 @@ SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma file://dhcpcd@.service \ file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ file://CVE-2026-56113.patch \ + file://CVE-2026-56114.patch \ " SRCREV = "1c8ae59836fa87b4c63c598087f0460ec20ed862" diff --git a/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56114.patch b/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56114.patch new file mode 100644 index 0000000000..748dc1ee8c --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56114.patch @@ -0,0 +1,34 @@ +From fd86ded940524f60174582faa96f583c168589ef Mon Sep 17 00:00:00 2001 +From: Roy Marples +Date: Tue, 23 Jun 2026 02:06:55 +0100 +Subject: [PATCH] DHCPv6: Prefix exclude option can be 17 octets (#671) + +Well that's a simple off by one error + +Reported-by: CuB3y0nd + +(cherry picked from commit 2f00c7bfc408b6582d331932dfa47829c4819029) + +CVE: CVE-2026-56114 +Upstream-Status: Backport [https://github.com/NetworkConfiguration/dhcpcd/commit/2f00c7bfc408b6582d331932dfa47829c4819029] +Signed-off-by: Theo Gaige (Schneider Electric) +--- + src/dhcp6.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/dhcp6.c b/src/dhcp6.c +index 5154bf41..1eac9f23 100644 +--- a/src/dhcp6.c ++++ b/src/dhcp6.c +@@ -1006,7 +1006,7 @@ dhcp6_makemessage(struct interface *ifp) + + /* RFC6603 Section 4.2 */ + if (ap->prefix_exclude_len) { +- uint8_t exb[16], *ep, u8; ++ uint8_t exb[17], *ep, u8; + const uint8_t *pp; + + n = (size_t)((ap->prefix_exclude_len - +-- +2.43.0 + From patchwork Wed Jul 1 15:04:33 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tgaige.opensource@witekio.com X-Patchwork-Id: 91514 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 25998C43602 for ; Wed, 1 Jul 2026 15:05:06 +0000 (UTC) Received: from relay-r17-hz12.hornetsecurity.com (relay-r17-hz12.hornetsecurity.com [94.100.138.217]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.47496.1782918299377018725 for ; Wed, 01 Jul 2026 08:04:59 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@witekio.com header.s=selector1 header.b=n4o0uWQA; spf=permerror, err=parse error for token &{10 18 spf.hornetsecurity.com}: limit exceeded (domain: witekio.com, ip: 94.100.138.217, mailfrom: tgaige@witekio.com) ARC-Authentication-Results: i=2; mx-gate81-hz12.hornetsecurity.com 1; spf=pass reason=mailfrom (ip=40.107.159.87, headerfrom=witekio.com) smtp.mailfrom=witekio.com smtp.helo=osppr02cu001.outbound.protection.outlook.com; dkim=pass header.d=witekio.com header.s=selector1 header.a=rsa-sha256; dmarc=pass header.from=witekio.com orig.disposition=pass ARC-Message-Signature: a=rsa-sha256; bh=AJ38PEqJhsDZjES1NEtZeW5UU7kIvzQgvHagktZqxGM=; c=relaxed/relaxed; d=hornetsecurity.com; h=from:to:date:subject:mime-version:; i=2; s=hse1; t=1782918297; b=HbolcQftl9fqculmeATX0FD3/8NnzYq9XjDESiUZjESP88Q1HmqS6r6JuMybUfbJHM5H+o1I zjY0swujdUTPEUoOK9pRmzzGKhX4rlDD/S/PkVzn2SJabtzOodKRcOjvlczKBcGBqKhTabdcU7z Ao/MjZnZ19/3zeuMRMSj51hrFM40yd+v4QgdliVlAqZZrh6YbnO6xO9hjEIOtgnUSBLEoEapfZE vi4u19hbNmZ4+Jp2qV+7sNolmIpynDYJanbW59wjBkpSW09wDFMh1KkqeMbS47zTaMAEwdawJUg X62KtDg80EeB19hkAe8xAFduysZk6QjFKzLnxS5cWLDgQ== ARC-Seal: a=rsa-sha256; cv=pass; d=hornetsecurity.com; i=2; s=hse1; t=1782918297; b=gdg9RXyveuHYh2UgTRP2+7r8zJo/qCEVHKYm4ojUIRvc7yM3pz21IZV/3fs9EWKJqTzHrS1d xMe4YAPHmYAp9iZOHjQdbKMbzzVVIugkCOAPNmSF+xwx+O0l2iNQLfsJH7ljMX7wZtdqyXCX2vS TpdYqN0ox4RrDYmz2kZtPOH2D+iQlaS31MGfKNOASuk1kIjlKPAH2gJU7iEa8Vf2w6R5pq2TJHO QE8cWJ01hoKnRQf3NfhznKydc+YFOfK5K2WLGBF7JzuvSlhS+X8uf5XCgpYbc86QAKuAOAwktIJ oHkq2M6A1I4YQFiLYa6ExRzgR94VciFHR+LjahACoVpig== Received: from mail-norwayeastazon11023087.outbound.protection.outlook.com ([40.107.159.87]) by mx-gate81-hz12.hornetsecurity.com; Wed, 01 Jul 2026 17:04:56 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=TC1q/tZNVYGadyrB3gcv8/QJKzAsGGfSd/13/CUtroB34A+Nknb4Nswx4Z4wqGblRP2YHzc5Ask7IdoZrBCJ6e0GAebTZcNqJa45Kuc7OwwJnfsebSe7cywNNHpmuZgJ4VLHFi1I+KPh6HO6UU1aweonPZA3nlDfznzu6eWWv6oHR4sJtI3cyPnuHSennSI2uuCuaxdew3RMKfp5OHj1wPL4REyM2gTtQgAimfmDwu5ROn3n+BfaSn18oXoKCCU4NRUobF6QbmzP+zI+u9Yd0Aq6oNcC1SgGFLkcOuZkP3f5XpUe+G0D7rgUHs5QM7SPQwmnymEVgJCJAJmgQRWM5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AJ38PEqJhsDZjES1NEtZeW5UU7kIvzQgvHagktZqxGM=; b=SH/86sz+nUmYoqrIKRi3575Pty0gihiC3hl2XsLeIvprIed8fzwFw6/FBWe6IipP7yi4DEitznkg0hj8q123PFfHRUUoX10L9VbJZjZG3r4o7y1sDY8PjbAT2vbP8DBrlZ4ParsNvRLtozvA1opNMGxl4SX1cVH62Hq3vlAVNeNZWRZBafOZjV/cHtTXF7/UBh2ll7lHTSdfdIBuMi47pMvdyQfP1/4qn5VlwmPHj6CADW4YZuKYDGLV9o/JR8fuhBza1xFkkKhx9hEC0p5thVYyiiDerAExRH8Kp1YODUS/UW+Px16zd/OZjtcIMk8SGunLWGr7ZoqdLw6/i1AQHw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=witekio.com; dmarc=pass action=none header.from=witekio.com; dkim=pass header.d=witekio.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=witekio.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AJ38PEqJhsDZjES1NEtZeW5UU7kIvzQgvHagktZqxGM=; b=n4o0uWQAhcHCZUSdI8h0WBLn38RRPTgpoDHVoYbZZFPHdI4UvydJwlPj+wTYFKJ3mZeNdrNy+dHc5u6m1G5Hf5pB6R4kxUGv9IcnEz2C53JT7HRj27MSISiXgCiZQjpDYF3+QQu5xpdC4Vx8Tp3KcdLamY+h58hiwJrc1u1SJdjWgUsra07sku+2YCwm/u3Sic+tOSuyuB7Ikb0/T2Gv/Q0ctZ5G48cnnrPY84GInsGBl9SXA215Sgnnp70KFA5S4TAJrewQaH6KIAydxCEN8j445InCdfZl+mDAhO5NwMr5bmSWhLjptaeybGH4yUKuIUhSxv0X7XnYgnukJ4tVfg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=witekio.com; Received: from PAXP192MB1405.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:1ad::24) by GVXP192MB3339.EURP192.PROD.OUTLOOK.COM (2603:10a6:150:2bf::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.159.13; Wed, 1 Jul 2026 15:04:45 +0000 Received: from PAXP192MB1405.EURP192.PROD.OUTLOOK.COM ([fe80::a160:226a:5870:e1d6]) by PAXP192MB1405.EURP192.PROD.OUTLOOK.COM ([fe80::a160:226a:5870:e1d6%5]) with mapi id 15.21.0181.008; Wed, 1 Jul 2026 15:04:45 +0000 From: tgaige.opensource@witekio.com To: openembedded-core@lists.openembedded.org Cc: hsimeliere.opensource@witekio.com, "Theo Gaige (Schneider Electric)" Subject: [scarthgap][PATCH v2 3/3] dhcpcd: patch CVE-2026-56117 Date: Wed, 1 Jul 2026 17:04:33 +0200 Message-ID: <20260701150433.3889478-4-tgaige.opensource@witekio.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260701150433.3889478-1-tgaige.opensource@witekio.com> References: <239971> <20260701150433.3889478-1-tgaige.opensource@witekio.com> X-ClientProxiedBy: LO4P265CA0093.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:2bc::18) To PAXP192MB1405.EURP192.PROD.OUTLOOK.COM (2603:10a6:102:1ad::24) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PAXP192MB1405:EE_|GVXP192MB3339:EE_ X-MS-Office365-Filtering-Correlation-Id: 8e8e7cd1-2a60-4a76-9536-08ded7821687 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|23010399003|1800799024|52116014|376014|10070799003|18002099003|22082099003|13003099007|56012099006|3023799007|6133799003|4143699003; X-Microsoft-Antispam-Message-Info: 69KNF3FSmq8klNhNS++8it8PyceTGSTXpg75M528nqe3R/DwsTHkPgB1/X4YnJmk483oIEglM+GAGjslErUffND7AiBoE0WCu3zosgEpxVN2nCq4QeD+rRnb1zATRXnEtF2u0cr08GQhnXkdugXokMd1KOGmqydCQqVjbcN2NPD+1+8KHUJQxRFk3nujtgkB8lNnUatT15JlsxIpyHXFOrk/RkZ5PUOqdj5WdoZIF+g3IggWeCntwmezYFUrvdo31WnQuSaE5FDiWcB26KOW/qMrh16zjF4SUl/G+Ier6LXLwYAokyHG26RO7oRL9m6geCTJYkAD1DRwg56dir9mj6QWHJwAcoZ36h0D/F3yYZpR3AVhdYT/DVgwVxd7oDk1TyJLI6V232y4nGTz324ZfRVG8rYcY/qqAN8cn5brHITvp/RbeO0pYsR/Td9Hst87x3OYXkkCuW8vT/2JswYHxLxQGR2QC07NTv0gz6//DWRHD/n0+V/XGZfYhQcWAdkpKuZXehWA1Sapi/fQET3pgPjRCqfz4b33RRwbhA7Qi2NhZQ3/3oKHdTebspKWvnAYtZ9a5Ht7aClmdhNcVZD+RiWFET4Oia2HfF9MLlwLPBU/FEdPV/MU6Rh+ljSEisrn3L4JwNCq1/6bljNyseeF6m1QxACQuyrvIF7swFeLO9I= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAXP192MB1405.EURP192.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(23010399003)(1800799024)(52116014)(376014)(10070799003)(18002099003)(22082099003)(13003099007)(56012099006)(3023799007)(6133799003)(4143699003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: RAvpktTcq5MwvLGhcm+M1kj3tGuaTF2vsWwrVjyC8bxevFjNeS2eP1leR03rRGZUF/vm7CoCa3KvPsjKi+jVTdroNmEh3X97T81TUz0/7XlxeIQKSxar3aCmAxD7SFhLbUUKzfk/K9uburea4DvtFC/wLOQEjG7l4JM+3EDHsAz+O84HWS7trdygtZL8X6QbrH6JYfyM+GIsWe/w8LVR7YkE0dAC2VWxAfRvIFMIPpK4Jnn6dyNaJmy2KrgQiWyXThVAmd0YVJ16bvsoGiZQDgT1xpoyvftW/Coljxu/Jvs9v0hd7Qm4prcGB9I5vb1iQ8kcpeJn/hTfLh0/sxOLU7GW8UAOrhKHKjKiqDNJFbCzSTbOVBMT7EklNRNhVQI7XStW4qMEoMFP3s41l9ZbbY/lu+oXhzr9Yk8az6/nM+cCOYOHD8hoZdbD+c41H3X6E4T/5EwA3M+9eUfeAXjNefeHKHHab5BmDSCeoLtUzA5MJyEylprtwlVKx3yTST8B1w8PNURUjDViz7jl2hsjonKLeBpXJXGCdZAZ9xNW6ydf3yEiEkt2sOqwSWmcOP4EEgBC69hTjwe8VJqEVG1e0ff+fcJLP7321NtVs/KuGf4ORIAZlTAjWSg24HV+CnfY9IfxHBWXzW40oGbDXwgOK/7mA6rlhw+n5SBrizXSnRBm2DwLH4IbT2QJO7erk/crs7dwYhGGuwqCJELs3iaYs43pxyb5mg/53g3MEXaLP5VeeCud9byo3bmNutkB8Pr8mk7E92tiglFYwVYNXO2aa8mpLgDzLZkpdr/tcF03A1bktF41GjUP4bSoUmE7r6drVizRMVGq9T/3mfMaf9+wNBW2GYnobt6LLYxgnRIUybeRYoTKuJvDIVSjrsqLKQ0G11swCftcyfUESL/NwY1emzRuyRaB9Ekakbg3sXMMtbi+LpvoTxBBglPx053sGcBFg16vqJlfGoSKVKa0phz0ULDKAMcXRrpP5hdISfnbC3qz/7xdoUn3RHXeGpL5Mc+G31mgeh76mWQm70E2vMrKJYSchJj7XcqSgV7gcMuoDNS/CiHVQiSeke1yV/CNLXZF9D/kOTiBSSH1jb8S8Jx4+QQns6ZedduMm1OZKgH0jCztCwKGrY/6fdtYbmsSsfrH0HgA7XL9qYulhQfj5znDkWE5qWXFTNcQWrk0ofMncn+TcYlFkzBhGBH2btOtMfE1jhPkMvq0E5pkDmS8HjcymPxI06kh1mseAdXY5IRC8ldv3zIVIsARC97wXlunazmSlyI/i+gXEORE4vFC/2jCc3r83zoaSzRNAsqBsuW7H6DaFbdU6deT7Mvqg0AkDFdtclZC0/ljzaGU32gFdrW0EH6tPZj8GQflvombtvae+S46k/PVEHJf3Qk3NWK+DGcv7dK82LmqoGVypwbd/umhnQIL7oPVqhbonlAhsToouXSz8QMjAOUU7ibVy8a1TqhpjMZ4Qmlr63+tNDWaD35HAKADtKcNAbuC/7EM8QMZ3PbgHRjDGiPfZN25wOmE4S1W0XWNqsPqNKg5nFdehJJ0uTss4xKj6rWd9UlPX9Lju9RdCqPKnlrUAxFAyykEUqAyfWWUzES3V7axcqgIrju7KVGtJT7L4309xFEzmInHR/DaFKjsjXLJ+ptEzIN8DpX70hd//J198OTVnrxNqs54lmaWeYLlE97ohnolJNGUWAWUtNL7KI46hx8MbyPujKSdblqQ2WhgaVCWqiXTBM7a1GKNqmGivh1H862nKTsxGW7YNLAvBtkMQtQzZ1n0ra49AuKPw6I+ X-MS-Exchange-AntiSpam-MessageData-1: VV05S+0r69M0SQ== X-Exchange-RoutingPolicyChecked: Gd94ATbOejZl8yEfJ/EEE5bD3rbVJjeR77AI8uC2ahXvwQRgCXSNIvSr780IR7NFCcEFCswgQvU2j3wdcQd9nssNw/qDzK7kO+9b3HAFyvfRxE62Ly6TK6AALGLKDNxqV8mvOpL5Z2r3YC3RmgkaWiCnaVehuLkyNaPJYUem2hkv810ITZmlJUz6IB3BMEIbmUdCBbsXEPvhHZWHCtA54fQ71qjYvP9S00S6mDTzR/hGCniqxHTQ4CgeP6AHLY9ypT+GHgjcrKCuxYy2U0SUq3FnF7R5Yea7B7+RCuyLMFz3T0xc6tHrBP1qBJOD9gkxmZj952FwaivK2xo51I2SAQ== X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: 649q8RGPIgl1pPchOz6Ecf66lzKEO2GANd1pBUlWuD7plsv6XwkltUtT2qNZSsyPBrQXjvk0JkT+H0anmVOO7/J31/E7Yqp7sR9e6vPfx0HaSWI4jbwLS3quHf3jVaqNnSlcwuzG2PaIFJ7K+6kU3JFeYdxnhP5hRgMWcnu91zD8+lhcPQZHgko6ULCoHkOjKHRFQiVLHMG7H+QU7oDFDsiRwN1oRb27Hu3k/3ZoKmX7EGBovi2w6a6xu1uSkk4qm1ZX43g68dYOYJUMa7oNBGLlqEEJmb/aw+c1ake7H0AOSq1xkhTmZxjjr0B/x/gTergqkRBPe/fv25GEUFryPwDGbhuGjps8+wPigfC79cK4E1P+lGSfAnLn8uXbQtgAlLy96OogSQNu+Pfp1bK14/XsWGbAFYuUF4Wn0tl6cB6ZoLMwOb+wJvbEHqpg/AwvjWpryTcht6eiERDlk4vRBQly2p9XAAxVkFkgH2HZOyp+AWcwd953RLm0e6aUaEala2pto2L7kKO1rJ2EGz7BrdX4GRpJUXfddI/1IxrIU/k+FL5fYv4EIN+ytmFANEzrO6ZxIYepmOWMuTErMh7xhn/tcAm+3UA6lGxNUeXyaYJ6bX+D2LttJxDKG3e8wd7u X-OriginatorOrg: witekio.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8e8e7cd1-2a60-4a76-9536-08ded7821687 X-MS-Exchange-CrossTenant-AuthSource: PAXP192MB1405.EURP192.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Jul 2026 15:04:45.8428 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 317e086a-301a-49af-9ea4-48a1c458b903 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: /BZgZ+NMs2WGvJYkcpoMYzHUpSdCKHlc6xmv7EFUzimEj/i7tRAi+IGEaira+AQrSpCsPx1HOv97g6u5nOH6UQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXP192MB3339 X-cloud-security-sender: tgaige@witekio.com X-cloud-security-recipient: openembedded-core@lists.openembedded.org X-cloud-security-crypt: load encryption module X-cloud-security-Mailarchiv: E-Mail archived for: tgaige.opensource@witekio.com X-cloud-security-Mailarchivtype: outbound X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mx-gate81-hz12.hornetsecurity.com with 4gr3GF6r9sz1PKm1 X-cloud-security-connect: mail-norwayeastazon11023087.outbound.protection.outlook.com[40.107.159.87], TLS=1, IP=40.107.159.87 X-cloud-security-Digest: 61751287f1552ac352441a411334aacc X-cloud-security: scantime:1.121 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Jul 2026 15:05:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/239987 From: "Theo Gaige (Schneider Electric)" Backport patch [1] mentionned in [2] [1] https://github.com/NetworkConfiguration/dhcpcd/commit/78ea09ed1633a583dbcde6e7bab9df4639ec8a34 [2] https://security-tracker.debian.org/tracker/CVE-2026-56117 Signed-off-by: Theo Gaige (Schneider Electric) --- .../dhcpcd/dhcpcd_10.0.6.bb | 1 + .../dhcpcd/files/CVE-2026-56117.patch | 167 ++++++++++++++++++ 2 files changed, 168 insertions(+) create mode 100644 meta/recipes-connectivity/dhcpcd/files/CVE-2026-56117.patch diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb index bc87b91503..e6854e1c7f 100644 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb @@ -17,6 +17,7 @@ SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ file://CVE-2026-56113.patch \ file://CVE-2026-56114.patch \ + file://CVE-2026-56117.patch \ " SRCREV = "1c8ae59836fa87b4c63c598087f0460ec20ed862" diff --git a/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56117.patch b/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56117.patch new file mode 100644 index 0000000000..4f79453aed --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/CVE-2026-56117.patch @@ -0,0 +1,167 @@ +From 52e0746deeace02b0ea039441d6cdc58f026018d Mon Sep 17 00:00:00 2001 +From: Roy Marples +Date: Mon, 22 Jun 2026 23:41:53 +0100 +Subject: [PATCH] control: Avoid hangup in the recvdata path + +Instead return an error and bubble it up where it can be +hangup / freed more cleanly. + +Reported-by: CuB3y0nd + +(cherry picked from commit 78ea09ed1633a583dbcde6e7bab9df4639ec8a34) + +CVE: CVE-2026-56117 +Upstream-Status: Backport [https://github.com/NetworkConfiguration/dhcpcd/commit/78ea09ed1633a583dbcde6e7bab9df4639ec8a34] +Signed-off-by: Theo Gaige (Schneider Electric) +--- + src/control.c | 47 ++++++++++++++++++++++++------------------- + src/control.h | 2 +- + src/privsep-control.c | 7 ++++++- + 3 files changed, 33 insertions(+), 23 deletions(-) + +diff --git a/src/control.c b/src/control.c +index 17fd13aa..20480f69 100644 +--- a/src/control.c ++++ b/src/control.c +@@ -115,10 +115,8 @@ control_handle_read(struct fd_list *fd) + bytes = read(fd->fd, buffer, sizeof(buffer) - 1); + if (bytes == -1) + logerr(__func__); +- if (bytes == -1 || bytes == 0) { +- control_hangup(fd); +- return -1; +- } ++ if (bytes == -1 || bytes == 0) ++ return (int)bytes; + + #ifdef PRIVSEP + if (IN_PRIVSEP(fd->ctx)) { +@@ -134,15 +132,13 @@ control_handle_read(struct fd_list *fd) + if (err == 1 && + ps_ctl_sendargs(fd, buffer, (size_t)bytes) == -1) { + logerr(__func__); +- control_free(fd); + return -1; + } +- return 0; ++ return 1; + } + #endif + +- control_recvdata(fd, buffer, (size_t)bytes); +- return 0; ++ return control_recvdata(fd, buffer, (size_t)bytes); + } + + static int +@@ -205,23 +201,31 @@ static void + control_handle_data(void *arg, unsigned short events) + { + struct fd_list *fd = arg; ++ int err; + + if (!(events & (ELE_READ | ELE_WRITE | ELE_HANGUP))) + logerrx("%s: unexpected event 0x%04x", __func__, events); + + if (events & ELE_WRITE && !(events & ELE_HANGUP)) { +- if (control_handle_write(fd) == -1) +- return; ++ err = control_handle_write(fd); ++ if (err == -1) ++ goto hangup; + } + if (events & ELE_READ) { +- if (control_handle_read(fd) == -1) +- return; ++ err = control_handle_read(fd); ++ if (err == -1 || err == 0) ++ goto hangup; + } + if (events & ELE_HANGUP) +- control_hangup(fd); ++ goto hangup; ++ ++ return; ++ ++hangup: ++ control_hangup(fd); + } + +-void ++int + control_recvdata(struct fd_list *fd, char *data, size_t len) + { + char *p = data, *e; +@@ -243,12 +247,13 @@ control_recvdata(struct fd_list *fd, char *data, size_t len) + if (e == NULL) { + errno = EINVAL; + logerrx("%s: no terminator", __func__); +- return; ++ return -1; + } +- if ((size_t)argc >= sizeof(argvp) / sizeof(argvp[0])) { ++ if ((size_t)argc + 1 >= ++ sizeof(argvp) / sizeof(argvp[0])) { + errno = ENOBUFS; + logerrx("%s: no arg buffer", __func__); +- return; ++ return -1; + } + *ap++ = p; + argc++; +@@ -268,12 +273,12 @@ control_recvdata(struct fd_list *fd, char *data, size_t len) + *ap = NULL; + if (dhcpcd_handleargs(fd->ctx, fd, argc, argvp) == -1) { + logerr(__func__); +- if (errno != EINTR && errno != EAGAIN) { +- control_free(fd); +- return; +- } ++ if (errno != EINTR && errno != EAGAIN) ++ return -1; + } + } ++ ++ return 1; + } + + struct fd_list * +diff --git a/src/control.h b/src/control.h +index f5e2bc7e..c5511dd7 100644 +--- a/src/control.h ++++ b/src/control.h +@@ -75,5 +75,5 @@ struct fd_list *control_new(struct dhcpcd_ctx *, int, unsigned int); + void control_free(struct fd_list *); + void control_delete(struct fd_list *); + int control_queue(struct fd_list *, void *, size_t); +-void control_recvdata(struct fd_list *fd, char *, size_t); ++int control_recvdata(struct fd_list *fd, char *, size_t); + #endif +diff --git a/src/privsep-control.c b/src/privsep-control.c +index 40bfb164..954126c0 100644 +--- a/src/privsep-control.c ++++ b/src/privsep-control.c +@@ -108,6 +108,7 @@ ps_ctl_dispatch(void *arg, struct ps_msghdr *psm, struct msghdr *msg) + struct iovec *iov = msg->msg_iov; + struct fd_list *fd; + unsigned int fd_flags = FD_SENDLEN; ++ int err; + + switch (psm->ps_flags) { + case PS_CTL_PRIV: +@@ -131,7 +132,11 @@ ps_ctl_dispatch(void *arg, struct ps_msghdr *psm, struct msghdr *msg) + if (fd == NULL) + return -1; + ctx->ps_control_client = fd; +- control_recvdata(fd, iov->iov_base, iov->iov_len); ++ err = control_recvdata(fd, iov->iov_base, iov->iov_len); ++ if (err == -1 || err == 0) { ++ control_free(fd); ++ ctx->ps_control_client = NULL; ++ } + break; + case PS_CTL_EOF: + ctx->ps_control_client = NULL; +-- +2.43.0 +