From 83b1c224ce59a54d4bafb8a6fd7e5b4397d259a3 Mon Sep 17 00:00:00 2001 From: ankita Date: Fri, 15 Nov 2024 15:43:02 +0530 Subject: [PATCH] fluent-bit: Address CVE-2024-25431 Signed-off-by: ankita --- SPECS/fluent-bit/CVE-2024-25431.patch | 48 +++++++++++++++++++++++++++ SPECS/fluent-bit/fluent-bit.spec | 6 +++- 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 SPECS/fluent-bit/CVE-2024-25431.patch diff --git a/SPECS/fluent-bit/CVE-2024-25431.patch b/SPECS/fluent-bit/CVE-2024-25431.patch new file mode 100644 index 00000000000..d0b4906e6c0 --- /dev/null +++ b/SPECS/fluent-bit/CVE-2024-25431.patch @@ -0,0 +1,48 @@ +diff --git a/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c b/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c +index 2a06f42..506ee29 100644 +--- a/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c ++++ b/lib/wasm-micro-runtime-WAMR-1.3.0/core/iwasm/interpreter/wasm_loader.c +@@ -3980,14 +3980,22 @@ check_wasi_abi_compatibility(const WASMModule *module, + /* clang-format on */ + + WASMExport *initialize = NULL, *memory = NULL, *start = NULL; ++ uint32 import_function_count = module->import_function_count; ++ WASMType *func_type; + + /* (func (export "_start") (...) */ + start = wasm_loader_find_export(module, "", "_start", EXPORT_KIND_FUNC, + error_buf, error_buf_size); + if (start) { +- WASMType *func_type = +- module->functions[start->index - module->import_function_count] +- ->func_type; ++ if (start->index < import_function_count) { ++ set_error_buf( ++ error_buf, error_buf_size, ++ "the builtin _start function can not be an import function"); ++ return false; ++ } ++ ++ func_type = ++ module->functions[start->index - import_function_count]->func_type; + if (func_type->param_count || func_type->result_count) { + set_error_buf(error_buf, error_buf_size, + "the signature of builtin _start function is wrong"); +@@ -3999,8 +4007,15 @@ check_wasi_abi_compatibility(const WASMModule *module, + initialize = wasm_loader_find_export( + module, "", "_initialize", EXPORT_KIND_FUNC, error_buf, error_buf_size); + if (initialize) { +- WASMType *func_type = +- module->functions[initialize->index - module->import_function_count] ++ if (initialize->index < import_function_count) { ++ set_error_buf(error_buf, error_buf_size, ++ "the builtin _initialize function can not be an " ++ "import function"); ++ return false; ++ } ++ ++ func_type = ++ module->functions[initialize->index - import_function_count] + ->func_type; + if (func_type->param_count || func_type->result_count) { + set_error_buf( diff --git a/SPECS/fluent-bit/fluent-bit.spec b/SPECS/fluent-bit/fluent-bit.spec index bf31be314b4..04262b73526 100644 --- a/SPECS/fluent-bit/fluent-bit.spec +++ b/SPECS/fluent-bit/fluent-bit.spec @@ -1,7 +1,7 @@ Summary: Fast and Lightweight Log processor and forwarder for Linux, BSD and OSX Name: fluent-bit Version: 3.0.6 -Release: 2%{?dist} +Release: 3%{?dist} License: Apache-2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -10,6 +10,7 @@ Source0: https://github.com/fluent/%{name}/archive/refs/tags/v%{version}. Patch0: CVE-2024-34250.patch Patch1: CVE-2024-25629.patch Patch2: CVE-2024-28182.patch +Patch3: CVE-2024-25431.patch BuildRequires: bison BuildRequires: cmake BuildRequires: cyrus-sasl-devel @@ -83,6 +84,9 @@ Development files for %{name} %{_libdir}/fluent-bit/*.so %changelog +* Fri Nov 15 2024 Ankita Pareek - 3.0.6-3 +- Address CVE-2024-25431 + * Tue Oct 15 2024 Chris Gunn - 3.0.6-2 - CVE-2024-34250 - CVE-2024-25629