poky/blktrace at 696cf580a57de6a0602b51d4a191d54bac901bdd - poky

mirror of git://git.yoctoproject.org/poky.git synced 2025-07-19 21:09:03 +02:00

History

Yi Zhao 62917950b7 blktrace: Security fix CVE-2018-10689 CVE-2018-10689: blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file. References: https://nvd.nist.gov/vuln/detail/CVE-2018-10689 Patch from: https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=d61ff409cb4dda31386373d706ea0cfb1aaac5b7 (From OE-Core rev: 6a7ed8b1db10abd38bdd20c77a8f27427d381156) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-08-28 10:30:28 +01:00
..
blktrace	blktrace: Security fix CVE-2018-10689	2018-08-28 10:30:28 +01:00
blktrace_git.bb	blktrace: Security fix CVE-2018-10689	2018-08-28 10:30:28 +01:00

Yi Zhao 62917950b7 blktrace: Security fix CVE-2018-10689

CVE-2018-10689: blktrace (aka Block IO Tracing) 1.2.0, as used with the
Linux kernel and Android, has a buffer overflow in the dev_map_read
function in btt/devmap.c because the device and devno arrays are too
small, as demonstrated by an invalid free when using the btt program
with a crafted file.

References:
https://nvd.nist.gov/vuln/detail/CVE-2018-10689

Patch from:
https://git.kernel.org/pub/scm/linux/kernel/git/axboe/blktrace.git/commit/?id=d61ff409cb4dda31386373d706ea0cfb1aaac5b7

(From OE-Core rev: 6a7ed8b1db10abd38bdd20c77a8f27427d381156)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2018-08-28 10:30:28 +01:00

blktrace

blktrace: Security fix CVE-2018-10689

2018-08-28 10:30:28 +01:00

blktrace_git.bb

blktrace: Security fix CVE-2018-10689

2018-08-28 10:30:28 +01:00