helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

openh264: patch CVE-2025-27091

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-27091

The advisory confirms that the bug was fixed in v2.6.0.
When looking at the relevant Github advisory[1], it mentions
the name of the implementer. Pick the patch that was included
in this release, created by the mentioned Github account and
isn't only a cosmetic or build-system change.

[1]: https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2025-12-16 20:40:04 +01:00
parent 94f3cecaae
commit 5c3e0fc516
2 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
meta-multimedia/recipes-multimedia/openh264/openh264/CVE-2025-27091.patch Normal file
View File

@ -0,0 +1,27 @@
From 4e82ae10b594d87da2a7884c2de850857931c78f Mon Sep 17 00:00:00 2001
From: BenzhengZhang <140143892+BenzhengZhang@users.noreply.github.com>
Date: Thu, 19 Dec 2024 17:12:42 +0800
Subject: [PATCH] Potential bug fix (#3818)
CVE: CVE-2025-27091
Upstream-Status: Backport [https://github.com/cisco/openh264/commit/63db555e30986e3a5f07871368dc90ae78c27449]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
codec/decoder/core/src/decoder.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/codec/decoder/core/src/decoder.cpp b/codec/decoder/core/src/decoder.cpp
index 3b38032a..b971f12f 100644
--- a/codec/decoder/core/src/decoder.cpp
+++ b/codec/decoder/core/src/decoder.cpp
@@ -844,6 +844,10 @@ int32_t WelsDecodeBs (PWelsDecoderContext pCtx, const uint8_t* kpBsBuf, const in
return pCtx->iErrorCode;
}
+ if (pCtx->iErrorCode != ERR_NONE && !(pCtx->iErrorCode & dsDataErrorConcealed)) {
+ return pCtx->iErrorCode;
+ }
+
pDstNal += (iDstIdx + 4); //init, increase 4 reserved zero bytes, used to store the next NAL
if ((iSrcLength - iSrcConsumed + 4) > (pRawData->pEnd - pDstNal)) {
pDstNal = pRawData->pCurPos = pRawData->pHead;

1
meta-multimedia/recipes-multimedia/openh264/openh264_2.1.1.bb
View File

@ -15,6 +15,7 @@ SRCREV = "50a1fcf70fafe962c526749991cb4646406933ba"
BRANCH = "openh264v2.1.1"
SRC_URI = "git://github.com/cisco/openh264.git;protocol=https;branch=${BRANCH} \
file://0001-Makefile-Use-cp-options-to-preserve-file-mode.patch \
file://CVE-2025-27091.patch \
"
COMPATIBLE_MACHINE:armv7a = "(.*)"