From fcdff92b0c53b67f24489b9cb3bdc662ceda9718 Mon Sep 17 00:00:00 2001 From: xujing Date: Fri, 20 May 2022 14:42:00 +0800 Subject: [PATCH] elf: Fix use-after-free in ldconfig [BZ #26779] --- ...-use-after-free-in-ldconfig-BZ-26779.patch | 31 +++++++++++++++++++ glibc.spec | 6 +++- 2 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch diff --git a/backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch b/backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch new file mode 100644 index 0000000..ddbeb99 --- /dev/null +++ b/backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch @@ -0,0 +1,31 @@ +From 03ad86880f68f498ee04e9ea84cd4f0d14473970 Mon Sep 17 00:00:00 2001 +From: Martin Sebor +Date: Tue, 25 Jan 2022 17:37:56 -0700 +Subject: [PATCH] elf: Fix use-after-free in ldconfig [BZ #26779] + +Conflict:NA +Reference:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=03ad86880f68f498ee04e9ea84cd4f0d14473970 + +Reviewed-by: Carlos O'Donell +--- + elf/ldconfig.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/elf/ldconfig.c b/elf/ldconfig.c +index d14633f5ec..57bb95ebc3 100644 +--- a/elf/ldconfig.c ++++ b/elf/ldconfig.c +@@ -735,9 +735,9 @@ manual_link (char *library) + create_links (real_path, path, libname, soname); + free (soname); + out: +- free (path); + if (path != real_path) + free (real_path); ++ free (path); + } + + +-- +2.23.0 + diff --git a/glibc.spec b/glibc.spec index 719acad..f1219b3 100644 --- a/glibc.spec +++ b/glibc.spec @@ -66,7 +66,7 @@ ############################################################################## Name: glibc Version: 2.34 -Release: 80 +Release: 81 Summary: The GNU libc libraries License: %{all_license} URL: http://www.gnu.org/software/glibc/ @@ -220,6 +220,7 @@ Patch132: elf-Fix-initial-exec-TLS-access-on-audit-modules-BZ-.patch Patch133: posix-glob.c-update-from-gnulib.patch Patch134: linux-Fix-fchmodat-with-AT_SYMLINK_NOFOLLOW-for-64-b.patch Patch135: linux-Fix-posix_spawn-return-code-if-clone-fails-BZ-.patch +Patch136: backport-elf-Fix-use-after-free-in-ldconfig-BZ-26779.patch Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch @@ -1388,6 +1389,9 @@ fi %endif %changelog +* Fri May 20 2022 xujing - 2.34-81 +- elf: Fix use-after-free in ldconfig [BZ #26779] + * Sat May 7 2022 Qingqing Li - 2.34-80 - linux: Fix posix_spawn return code if clone fails (BZ#29109)