summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
diff options
context:
space:
mode:
authorArchana Polampalli <archana.polampalli@windriver.com>2025-07-11 17:03:13 +0530
committerSteve Sakoman <steve@sakoman.com>2025-07-18 08:32:26 -0700
commitb6acab6e64c74a92c0bbaf29647e0737575712cd (patch)
tree41230c2f7da9d0a122e9079d6a015efaaa329f14 /meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
parentd668325fd8dbbdb180bf469d60693759ee477034 (diff)
downloadpoky-b6acab6e64c74a92c0bbaf29647e0737575712cd.tar.gz
ofono: fix CVE-2023-4235
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report(). (From OE-Core rev: 3a3519324ec390044ff9f97c0f32027782699124) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-02 06:22:27 +0000