diff --git a/recipes-extended/dpdk/dpdk/CVE-2024-11614.patch b/recipes-extended/dpdk/dpdk/CVE-2024-11614.patch new file mode 100644 index 0000000..ea80403 --- /dev/null +++ b/recipes-extended/dpdk/dpdk/CVE-2024-11614.patch @@ -0,0 +1,43 @@ +From 4dc4e33ffa108e945fc8a1e2bbc7819791faa61e Mon Sep 17 00:00:00 2001 +From: Olivier Matz +Date: Thu, 28 Nov 2024 12:09:56 +0100 +Subject: [PATCH] net/virtio: fix Rx checksum calculation + +If hdr->csum_start is larger than packet length, the len argument passed +to rte_raw_cksum_mbuf() overflows and causes a segmentation fault. + +Ignore checksum computation in this case. + +CVE-2024-11614 + +Fixes: ca7036b4af3a ("vhost: fix offload flags in Rx path") + +Signed-off-by: Maxime Gouin +Signed-off-by: Olivier Matz +Reviewed-by: Maxime Coquelin + +CVE: CVE-2024-11614 + +Upstream-Status: Backport [https://git.dpdk.org/dpdk/commit/?id=4dc4e33ffa108e945fc8a1e2bbc7819791faa61e] + +Signed-off-by: Divya Chellam +--- + lib/vhost/virtio_net.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/vhost/virtio_net.c b/lib/vhost/virtio_net.c +index fa0779d03d..038ac6a774 100644 +--- a/lib/vhost/virtio_net.c ++++ b/lib/vhost/virtio_net.c +@@ -2261,6 +2261,9 @@ vhost_dequeue_offload(struct virtio_net_hdr *hdr, struct rte_mbuf *m, + */ + uint16_t csum = 0, off; + ++ if (hdr->csum_start >= rte_pktmbuf_pkt_len(m)) ++ return; ++ + if (rte_raw_cksum_mbuf(m, hdr->csum_start, + rte_pktmbuf_pkt_len(m) - hdr->csum_start, &csum) < 0) + return; +-- +2.40.0 diff --git a/recipes-extended/dpdk/dpdk_21.11.7.bb b/recipes-extended/dpdk/dpdk_21.11.7.bb index 848a4b2..1e20e39 100644 --- a/recipes-extended/dpdk/dpdk_21.11.7.bb +++ b/recipes-extended/dpdk/dpdk_21.11.7.bb @@ -2,6 +2,7 @@ include dpdk.inc SRC_URI += " \ file://0001-meson.build-march-and-mcpu-already-passed-by-Yocto-21.11.patch \ + file://CVE-2024-11614.patch \ " STABLE = "-stable"