diff --git a/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch b/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch new file mode 100644 index 0000000000..99caab9cf1 --- /dev/null +++ b/meta-networking/recipes-connectivity/libiec61850/files/CVE-2024-45969.patch @@ -0,0 +1,32 @@ +From 9dfac54daace18d3d3b0ef09d8beecc562e29c1d Mon Sep 17 00:00:00 2001 +From: Michael Zillgith +Date: Wed, 27 Mar 2024 12:26:58 +0000 +Subject: [PATCH] - ACSE: added check for minimum message size (LIB61850-438) + +CVE: CVE-2024-45969 +Upstream-Status: Backport [https://github.com/mz-automation/libiec61850/commit/7afa40390b26ad1f4cf93deaa0052fe7e357ef33] +(cherry picked from commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33) +Signed-off-by: Ankur Tyagi +--- + src/mms/iso_acse/acse.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/mms/iso_acse/acse.c b/src/mms/iso_acse/acse.c +index f46b024d..40ecafe0 100644 +--- a/src/mms/iso_acse/acse.c ++++ b/src/mms/iso_acse/acse.c +@@ -420,6 +420,14 @@ AcseConnection_parseMessage(AcseConnection* self, ByteBuffer* message) + { + AcseIndication indication = ACSE_ERROR; + ++ if (message == NULL || message->size < 1) ++ { ++ if (DEBUG_ACSE) ++ printf("ACSE: invalid message - no payload\n"); ++ ++ return ACSE_ERROR; ++ } ++ + uint8_t* buffer = message->buffer; + + int messageSize = message->size; diff --git a/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb b/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb index 20dd447c7e..ea8c16e3dc 100644 --- a/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb +++ b/meta-networking/recipes-connectivity/libiec61850/libiec61850_1.5.3.bb @@ -21,6 +21,7 @@ SRC_URI = "git://github.com/mz-automation/${BPN}.git;branch=v1.5;protocol=https file://CVE-2024-26529.patch \ file://CVE-2024-45970.patch \ file://CVE-2024-45971.patch \ + file://CVE-2024-45969.patch \ " S = "${WORKDIR}/git"