helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

redis: patch CVE-2025-27151

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27151

Backport the patch mentioned in the details.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2025-10-07 21:49:34 +02:00
parent f786847743
commit 0436597eb6
4 changed files with 67 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
meta-oe/recipes-extended/redis/redis-7.2.8/0001-Check-length-of-AOF-file-name-in-redis-check-aof-CVE.patch Normal file
View File

@ -0,0 +1,34 @@
From 1b71849d83940971b95b7c576cdfbc9ff60d48b2 Mon Sep 17 00:00:00 2001
From: YaacovHazan <yaacov.hazan@redis.com>
Date: Tue, 27 May 2025 10:23:27 +0300
Subject: [PATCH] Check length of AOF file name in redis-check-aof
(CVE-2025-27151)
Ensure that the length of the input file name does not exceed PATH_MAX
CVE: CVE-2025-27151
Upstream-Status: Backport [https://github.com/redis/redis/commit/d0eeee6e31f0fefb510007a8cfdf5dce729a8be9]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
src/redis-check-aof.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/redis-check-aof.c b/src/redis-check-aof.c
index e28126d..5b3ee2a 100644
--- a/src/redis-check-aof.c
+++ b/src/redis-check-aof.c
@@ -547,6 +547,12 @@ int redis_check_aof_main(int argc, char **argv) {
goto invalid_args;
}
+ /* Check if filepath is longer than PATH_MAX */
+ if (strlen(filepath) > PATH_MAX) {
+ printf("Error: filepath is too long (exceeds PATH_MAX)\n");
+ goto invalid_args;
+ }
+
/* In the glibc implementation dirname may modify their argument. */
memcpy(temp_filepath, filepath, strlen(filepath) + 1);
dirpath = dirname(temp_filepath);

31
meta-oe/recipes-extended/redis/redis/0001-CVE-2025-27151.patch Normal file
View File

@ -0,0 +1,31 @@
From 96f00cb60cb6e73c66375264227872053385bea2 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Tue, 7 Oct 2025 21:26:55 +0200
Subject: [PATCH] CVE-2025-27151
Ensure that the length of the input file name does not exceed PATH_MAX
CVE: CVE-2025-27151
Upstream-Status: Backport [https://github.com/redis/redis/commit/d0eeee6e31f0fefb510007a8cfdf5dce729a8be9]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
src/redis-check-aof.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/redis-check-aof.c b/src/redis-check-aof.c
index 1507e0a..f7dd5cb 100644
--- a/src/redis-check-aof.c
+++ b/src/redis-check-aof.c
@@ -164,6 +164,11 @@ int redis_check_aof_main(int argc, char **argv) {
exit(1);
}
+ if (strlen(filename) > PATH_MAX) {
+ printf("Error: filename is too long (exceeds PATH_MAX)\n");
+ exit(1);
+ }
+
FILE *fp = fopen(filename,"r+");
if (fp == NULL) {
printf("Cannot open file: %s\n", filename);

1
meta-oe/recipes-extended/redis/redis_6.2.18.bb
View File

@ -16,6 +16,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
file://0004-src-Do-not-reset-FINAL_LIBS.patch \
file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \
file://0006-Define-correct-gregs-for-RISCV32.patch \
file://0001-CVE-2025-27151.patch \
"
SRC_URI[sha256sum] = "470c75bac73d7390be4dd66479c6f29e86371c5d380ce0c7efb4ba2bbda3612d"

1
meta-oe/recipes-extended/redis/redis_7.2.8.bb
View File

@ -16,6 +16,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
file://0004-src-Do-not-reset-FINAL_LIBS.patch \
file://0005-Define-_GNU_SOURCE-to-get-PTHREAD_MUTEX_INITIALIZER.patch \
file://0006-Define-correct-gregs-for-RISCV32.patch \
file://0001-Check-length-of-AOF-file-name-in-redis-check-aof-CVE.patch \
"
SRC_URI[sha256sum] = "6be4fdfcdb2e5ac91454438246d00842d2671f792673390e742dfcaf1bf01574"