CVS commit: [netbsd-9] src/sys/external/bsd/libnv/dist

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: [netbsd-9] src/sys/external/bsd/libnv/dist
From: "Martin Husemann" <martin%netbsd.org@localhost>
Date: Thu, 5 Sep 2024 10:12:31 +0000

Module Name:    src
Committed By:   martin
Date:           Thu Sep  5 10:12:31 UTC 2024

Modified Files:
        src/sys/external/bsd/libnv/dist [netbsd-9]: nvpair.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1885):

        sys/external/bsd/libnv/dist/nvpair.c: revision 1.13

libnv: Check for NUL within bounds when unpacking string arrays.

This avoids buffer overrun in the subsequent nv_strdup, which can be
triggered by root at securelevel 1 via ioctl(IOC_NPF_*) on /dev/npf.

Matches upstream FreeBSD change by Mariusz Zaborski.

CVE-2024-45288

PR security/58652: libnv: Integer overflow and buffer overrun
vulnerabilities


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.11.2.1 src/sys/external/bsd/libnv/dist/nvpair.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [netbsd-10] src/doc
Next by Date: CVS commit: [netbsd-9] src/doc
Previous by Thread: CVS commit: [netbsd-10] src/doc
Next by Thread: CVS commit: [netbsd-9] src/doc
Indexes:

Home | Main Index | Thread Index | Old Index