diff --git a/recipes-extended/dpdk/dpdk/CVE-2024-11614.patch b/recipes-extended/dpdk/dpdk/CVE-2024-11614.patch new file mode 100644 index 0000000..1cf5507 --- /dev/null +++ b/recipes-extended/dpdk/dpdk/CVE-2024-11614.patch @@ -0,0 +1,44 @@ +From 4dc4e33ffa108e945fc8a1e2bbc7819791faa61e Mon Sep 17 00:00:00 2001 +From: Olivier Matz +Date: Thu, 28 Nov 2024 12:09:56 +0100 +Subject: [PATCH] net/virtio: fix Rx checksum calculation + +If hdr->csum_start is larger than packet length, the len argument passed +to rte_raw_cksum_mbuf() overflows and causes a segmentation fault. + +Ignore checksum computation in this case. + +CVE-2024-11614 + +Fixes: ca7036b4af3a ("vhost: fix offload flags in Rx path") + +Signed-off-by: Maxime Gouin +Signed-off-by: Olivier Matz +Reviewed-by: Maxime Coquelin + +CVE: CVE-2024-11614 + +Upstream-Status: Backport [https://git.dpdk.org/dpdk/commit/?id=4dc4e33ffa108e945fc8a1e2bbc7819791faa61e] + +Signed-off-by: Divya Chellam +--- + lib/vhost/virtio_net.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c +index 895a79cf51..058b5842f2 100644 +--- a/lib/vhost/virtio_net.c ++++ b/lib/vhost/virtio_net.c +@@ -2831,6 +2831,9 @@ vhost_dequeue_offload(struct virtio_net *dev, struct virtio_net_hdr *hdr, + */ + uint16_t csum = 0, off; + ++ if (hdr->csum_start >= rte_pktmbuf_pkt_len(m)) ++ return; ++ + if (rte_raw_cksum_mbuf(m, hdr->csum_start, + rte_pktmbuf_pkt_len(m) - hdr->csum_start, &csum) < 0) + return; +-- +2.40.0 + diff --git a/recipes-extended/dpdk/dpdk_23.11.1.bb b/recipes-extended/dpdk/dpdk_23.11.1.bb index e7a0a23..4c6d234 100644 --- a/recipes-extended/dpdk/dpdk_23.11.1.bb +++ b/recipes-extended/dpdk/dpdk_23.11.1.bb @@ -1,6 +1,8 @@ include dpdk.inc -SRC_URI += " file://0001-config-meson-get-cpu_instruction_set-from-meson-opti.patch " +SRC_URI += " file://0001-config-meson-get-cpu_instruction_set-from-meson-opti.patch \ + file://CVE-2024-11614.patch \ + " STABLE = "-stable" BRANCH = "23.11"