packages/lxc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!400 [sync] PR-398: fix CVE-2022-47052

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
This commit is contained in:
openeuler-ci-bot 2023-01-13 08:45:10 +00:00 committed by Gitee
commit 62b26839c3
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 59 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
0056-fix-cve-CVE-2022-47952-log-leaks-root-information.patch Normal file
View File

@ -0,0 +1,50 @@
From 879297c6c83424af19a47040834fd89f808ef296 Mon Sep 17 00:00:00 2001
From: "Neil.wrz" <wangrunze13@huawei.com>
Date: Thu, 12 Jan 2023 22:53:10 -0800
Subject: [PATCH] update
---
src/lxc/cmd/lxc_user_nic.c | 14 +++++---------
1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/src/lxc/cmd/lxc_user_nic.c b/src/lxc/cmd/lxc_user_nic.c
index fd34559..8b05262 100644
--- a/src/lxc/cmd/lxc_user_nic.c
+++ b/src/lxc/cmd/lxc_user_nic.c
@@ -1113,20 +1113,16 @@ int main(int argc, char *argv[])
} else if (request == LXC_USERNIC_DELETE) {
char opath[LXC_PROC_PID_FD_LEN];
- /* Open the path with O_PATH which will not trigger an actual
- * open(). Don't report an errno to the caller to not leak
- * information whether the path exists or not.
- * When stracing setuid is stripped so this is not a concern
- * either.
- */
+ // Keep in mind CVE-2022-47952: It's crucial not to leak any
+ // information whether open() succeeded or failed.
netns_fd = open(args.pid, O_PATH | O_CLOEXEC);
if (netns_fd < 0) {
- usernic_error("Failed to open \"%s\"\n", args.pid);
+ usernic_error("Failed while opening netns file for \"%s\"\n", args.pid);
_exit(EXIT_FAILURE);
}
if (!fhas_fs_type(netns_fd, NSFS_MAGIC)) {
- usernic_error("Path \"%s\" does not refer to a network namespace path\n", args.pid);
+ usernic_error("Failed while opening netns file for \"%s\"\n", args.pid);
close(netns_fd);
_exit(EXIT_FAILURE);
}
@@ -1140,7 +1136,7 @@ int main(int argc, char *argv[])
/* Now get an fd that we can use in setns() calls. */
ret = open(opath, O_RDONLY | O_CLOEXEC);
if (ret < 0) {
- CMD_SYSERROR("Failed to open \"%s\"\n", args.pid);
+ CMD_SYSERROR("Failed while opening netns file for \"%s\"\n", args.pid);
close(netns_fd);
_exit(EXIT_FAILURE);
}
--
2.25.1

9
lxc.spec
View File

@ -1,4 +1,4 @@
%global _release 2022102407 %global _release 2022102408
Name: lxc Name: lxc
Version: 4.0.3 Version: 4.0.3
@ -63,6 +63,7 @@ Patch0052: 0052-add-lxc-attach-add-gids-option.patch
Patch0053: 0053-change-the-suffi-parameter-in-lxc-attach-help-output.patch Patch0053: 0053-change-the-suffi-parameter-in-lxc-attach-help-output.patch
Patch0054: 0054-rollback-strprint-code-modified.patch Patch0054: 0054-rollback-strprint-code-modified.patch
Patch0055: 0055-add-sscanf-adapation-code-for-musl.patch Patch0055: 0055-add-sscanf-adapation-code-for-musl.patch
Patch0056: 0056-fix-cve-CVE-2022-47952-log-leaks-root-information.patch
BuildRequires: systemd-units git libtool graphviz docbook2X doxygen chrpath BuildRequires: systemd-units git libtool graphviz docbook2X doxygen chrpath
BuildRequires: pkgconfig(libseccomp) BuildRequires: pkgconfig(libseccomp)
@ -243,6 +244,12 @@ make check
%endif %endif
%changelog %changelog
* Fri Jan 13 2023 wangrunze<wangrunze13@huawei.com> - 4.0.3-2022102408
- Type:bugfix
- ID:NA
- SUG:NA
- DESC: fix cve CVE-2022-47952 log leaks root information
* Wed Jan 04 2023 zhongtao<zhongtao17@huawei.com> - 4.0.3-2022102407 * Wed Jan 04 2023 zhongtao<zhongtao17@huawei.com> - 4.0.3-2022102407
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA

1
series.conf
View File

@ -53,3 +53,4 @@
0053-change-the-suffi-parameter-in-lxc-attach-help-output.patch 0053-change-the-suffi-parameter-in-lxc-attach-help-output.patch
0054-rollback-strprint-code-modified.patch 0054-rollback-strprint-code-modified.patch
0055-add-sscanf-adapation-code-for-musl.patch 0055-add-sscanf-adapation-code-for-musl.patch
0056-fix-cve-CVE-2022-47952-log-leaks-root-information.patch