From 2bfcc55701824f37bf2d0dc3ef5f719d22e9919f Mon Sep 17 00:00:00 2001 From: Praveen Kumar Date: Wed, 26 Mar 2025 19:50:07 +0000 Subject: docker-moby: Fix CVE-2024-36620 moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-36620 Upstream-patch: https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4 Signed-off-by: Praveen Kumar Signed-off-by: Bruce Ashfield
---
 recipes-containers/docker/docker-moby_git.bb | 1 + .../docker/files/CVE-2024-36620.patch | 40 ++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 recipes-containers/docker/files/CVE-2024-36620.patch
diff --git a/recipes-containers/docker/docker-moby_git.bb b/recipes-containers/docker/docker-moby_git.bb
index 0abb0b3f..a1879ed2 100644
--- a/recipes-containers/docker/docker-moby_git.bb
+++ b/recipes-containers/docker/docker-moby_git.bb
@@ -56,6 +56,7 @@ SRC_URI = "\
 file://0001-libnetwork-use-GO-instead-of-go.patch \
 file://0001-cli-use-external-GO111MODULE-and-cross-compiler.patch \
 file://0001-dynbinary-use-go-cross-compiler.patch;patchdir=src/import \
+ file://CVE-2024-36620.patch;patchdir=src/import \
 "
 DOCKER_COMMIT = "${SRCREV_moby}"
diff --git a/recipes-containers/docker/files/CVE-2024-36620.patch b/recipes-containers/docker/files/CVE-2024-36620.patch
new file mode 100644
index 00000000..7bce4137
--- /dev/null
+++ b/recipes-containers/docker/files/CVE-2024-36620.patch
@@ -0,0 +1,40 @@
+From ab570ab3d62038b3d26f96a9bb585d0b6095b9b4 Mon Sep 17 00:00:00 2001
+From: Christopher Petito <47751006+krissetto@users.noreply.github.com>
+Date: Fri, 19 Apr 2024 10:44:30 +0000
+Subject: [PATCH] nil dereference fix on image history Created value
+
+Issue was caused by the changes here https://github.com/moby/moby/pull/45504
+First released in v25.0.0-beta.1
+
+CVE: CVE-2024-36620
+
+Upstream-Status:
+Backport [https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4]
+
+Signed-off-by: Praveen Kumar
+---
+ daemon/images/image_history.go | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/daemon/images/image_history.go b/daemon/images/image_history.go
+index dcf7a906aa..e5adda8639 100644
+--- a/daemon/images/image_history.go
++++ b/daemon/images/image_history.go
+@@ -41,10 +41,14 @@ func (i *ImageService) ImageHistory(ctx context.Context, name string) ([]*image.
+ layer.ReleaseAndLog(i.layerStore, l)
+ layerCounter++
+ }
++ var created int64
++ if h.Created != nil {
++ created = h.Created.Unix()
++ }
+
+ history = append([]*image.HistoryResponseItem{{
+ ID: "",
+- Created: h.Created.Unix(),
++ Created: created,
+ CreatedBy: h.CreatedBy,
+ Comment: h.Comment,
+ Size: layerSize,
+--
+2.40.0
-- cgit v1.2.3-54-g00ecf
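Review bot: The `Upstream-Status:` tag in the added patch header is split over two lines, with `Backport [...]` on the line after it. OE patch-status tooling conventionally expects the value on the same line, so it should read `Upstream-Status: Backport [https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4]`. In the embedded Go change, a history entry whose `Created` is nil is now reported with `Created: 0`, which clients will presumably show as the Unix epoch. Because this is a backport, the commit message is the place to record that this is intended, rather than a comment that diverges from upstream. The history entries come from the image config, which can originate from an untrusted image, so it is worth confirming that no other unguarded `h.Created` dereference remains in `ImageHistory`, whose body starts and ends outside this hunk.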