wok-current rev 25775
Patch glibc (CVE-2025-4802)
| author | Stanislas Leduc <shann@slitaz.org> |
|---|---|
| date | Thu May 22 19:19:31 2025 +0000 (4 months ago) |
| parents | 16afad7584a2 |
| children | ff2d5cee967f |
| files | glibc/receipt glibc/stuff/CVE-2025-4802.patch |
line diff
1.1 --- a/glibc/receipt Tue May 20 13:58:53 2025 +0000 1.2 +++ b/glibc/receipt Thu May 22 19:19:31 2025 +0000 1.3 @@ -38,6 +38,11 @@ 1.4 # GHOST 1.5 patch -Np1 -i $stuff/glibc-2.14.1-CVE-2015-0235.patch 1.6 1.7 + # Patch for CVE-2025-4802, adjust for backport to 2.28 1.8 + # see https://www.cve.org/CVERecord?id=CVE-2025-4802 1.9 + # see https://sourceware.org/cgit/glibc/commit/?id=1e18586c 1.10 + patch -Np1 -i $stuff/CVE-2025-4802.patch 1.11 + 1.12 # Build in a separate directory. 1.13 mkdir ../glibc-build && cd ../glibc-build 1.14
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 2.2 +++ b/glibc/stuff/CVE-2025-4802.patch Thu May 22 19:19:31 2025 +0000 2.3 @@ -0,0 +1,87 @@ 2.4 +From 5451fa962cd0a90a0e2ec1d8910a559ace02bba0 Mon Sep 17 00:00:00 2001 2.5 +From: Adhemerval Zanella <adhemerval.zanella@linaro.org> 2.6 +Date: Mon, 6 Nov 2023 17:25:49 -0300 2.7 +Subject: elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static 2.8 + 2.9 +It mimics the ld.so behavior. 2.10 + 2.11 +Checked on x86_64-linux-gnu. 2.12 +Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> 2.13 +Adjust for backport to glibc 2.28 2.14 +--- 2.15 + elf/dl-support.c | 32 ++++++++++++++++---------------- 2.16 + 1 file changed, 16 insertions(+), 16 deletions(-) 2.17 + 2.18 +diff --git a/elf/dl-support.c b/elf/dl-support.c 2.19 +index 31a608df87..837fa1c836 100644 2.20 +--- a/elf/dl-support.c 2.21 ++++ b/elf/dl-support.c 2.22 +@@ -317,12 +317,34 @@ 2.23 + if (HP_SMALL_TIMING_AVAIL) 2.24 + HP_TIMING_NOW (_dl_cpuclock_offset); 2.25 + 2.26 +- _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1; 2.27 +- 2.28 + /* Set up the data structures for the system-supplied DSO early, 2.29 + so they can influence _dl_init_paths. */ 2.30 + setup_vdso (NULL, NULL); 2.31 + 2.32 ++ if (__libc_enable_secure) 2.33 ++ { 2.34 ++ static const char unsecure_envvars[] = 2.35 ++ UNSECURE_ENVVARS 2.36 ++#ifdef EXTRA_UNSECURE_ENVVARS 2.37 ++ EXTRA_UNSECURE_ENVVARS 2.38 ++#endif 2.39 ++ ; 2.40 ++ const char *cp = unsecure_envvars; 2.41 ++ 2.42 ++ while (cp < unsecure_envvars + sizeof (unsecure_envvars)) 2.43 ++ { 2.44 ++ __unsetenv (cp); 2.45 ++ cp = (const char *) __rawmemchr (cp, '\0') + 1; 2.46 ++ } 2.47 ++ 2.48 ++#if !HAVE_TUNABLES 2.49 ++ if (__access ("/etc/suid-debug", F_OK) != 0) 2.50 ++ __unsetenv ("MALLOC_CHECK_"); 2.51 ++#endif 2.52 ++ } 2.53 ++ 2.54 ++ _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1; 2.55 ++ 2.56 + /* Initialize the data structures for the search paths for shared 2.57 + objects. */ 2.58 + _dl_init_paths (getenv ("LD_LIBRARY_PATH")); 2.59 +@@ -340,28 +362,6 @@ 2.60 + if (_dl_profile_output == NULL || _dl_profile_output[0] == '\0') 2.61 + _dl_profile_output 2.62 + = &"/var/tmp\0/var/profile"[__libc_enable_secure ? 9 : 0]; 2.63 +- 2.64 +- if (__libc_enable_secure) 2.65 +- { 2.66 +- static const char unsecure_envvars[] = 2.67 +- UNSECURE_ENVVARS 2.68 +-#ifdef EXTRA_UNSECURE_ENVVARS 2.69 +- EXTRA_UNSECURE_ENVVARS 2.70 +-#endif 2.71 +- ; 2.72 +- const char *cp = unsecure_envvars; 2.73 +- 2.74 +- while (cp < unsecure_envvars + sizeof (unsecure_envvars)) 2.75 +- { 2.76 +- __unsetenv (cp); 2.77 +- cp = (const char *) __rawmemchr (cp, '\0') + 1; 2.78 +- } 2.79 +- 2.80 +-#if !HAVE_TUNABLES 2.81 +- if (__access ("/etc/suid-debug", F_OK) != 0) 2.82 +- __unsetenv ("MALLOC_CHECK_"); 2.83 +-#endif 2.84 +- } 2.85 + 2.86 + #ifdef DL_PLATFORM_INIT 2.87 + DL_PLATFORM_INIT; 2.88 + 2.89 +-- 2.90 +cgit