fix CVE-2021-20269

Signed-off-by: chenhaixiang <chenhaixiang3@huawei.com> (cherry picked from commit 6256dabffd4989c2fd93e71270651f2128971e5e)
2022-08-03 18:05:24 +08:00 · 2022-08-03 18:05:24 +08:00 · 5269d76d5a
commit 5269d76d5a
parent 30012180bf
2 changed files with 5 additions and 2 deletions
--- a/kdump-lib-initramfs.sh
+++ b/kdump-lib-initramfs.sh
@ -164,7 +164,7 @@ save_vmcore_dmesg_fs() {
    _exitcode=$?
    if [ $_exitcode -eq 0 ]; then
        mv ${_path}/vmcore-dmesg-incomplete.txt ${_path}/vmcore-dmesg.txt
-
+	chmod 400 ${_path}/vmcore-dmesg.txt
        # Make sure file is on disk. There have been instances where later
        # saving vmcore failed and system rebooted without sync and there
        # was no vmcore-dmesg.txt available.
--- a/kexec-tools.spec
+++ b/kexec-tools.spec
@ -4,7 +4,7 @@

 Name: kexec-tools
 Version: 2.0.23
-Release: 4
+Release: 5
 License: GPLv2
 Summary: The kexec/kdump userspace component
 URL:     https://www.kernel.org/
@ -290,6 +290,9 @@ done
 %endif

 %changelog
+* Wed Aug 3 2022 chenhaixiang <chenhaixiang3@huawei.com> - 2.0.23-5
+- fix CVE-2021-20269
+
 * Fri Mar 11 2022 wangbin <wangbin224@huawei.com> - 2.0.23-4
 - packing 98-kexec.rules instead of 98-kexec.rules.ppc64