[AUTO-CHERRYPICK] Patch ceph for CVE-2025-1744 [CRITICAL] - branch main (#12897)

CBL-Mariner-Bot · KavyaSree2610 · web-flow · commit 648b4bc7a316 · 2025-03-19T15:27:33.000-04:00
Co-authored-by: KavyaSree2610 &lt;92566732+KavyaSree2610@users.noreply.github.com&gt;
diff --git a/SPECS/ceph/CVE-2025-1744.patch b/SPECS/ceph/CVE-2025-1744.patch
@@ -0,0 +1,45 @@
+From b72bc56777fc7b4f63aabbf23217d082846397b7 Mon Sep 17 00:00:00 2001
+From: kavyasree <kkaitepalli@microsoft.com>
+Date: Tue, 11 Mar 2025 12:26:11 +0530
+Subject: [PATCH] Patch for CVE-2025-1744
+Reference: https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
+---
+ src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c       | 5 +++--
+ .../tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c | 5 +++--
+ 2 files changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c b/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c
+index ac333e8c2..a32c9bdba 100644
+--- a/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c
++++ b/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c
+@@ -759,8 +759,9 @@ int flush;
+                 if (copy > have) copy = have;
+                 if (copy) {
+                     if (state->head != Z_NULL &&
+-                        state->head->extra != Z_NULL) {
+-                        len = state->head->extra_len - state->length;
++                        state->head->extra != Z_NULL && 
++                        (len = state->head->extra_len - state->length) <
++				state->head->extra_max) {
+                         zmemcpy(state->head->extra + len, next,
+                                 len + copy > state->head->extra_max ?
+                                 state->head->extra_max - len : copy);
+diff --git a/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c b/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c
+index ac333e8c2..91b2e6445 100644
+--- a/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c
++++ b/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c
+@@ -759,8 +759,9 @@ int flush;
+                 if (copy > have) copy = have;
+                 if (copy) {
+                     if (state->head != Z_NULL &&
+-                        state->head->extra != Z_NULL) {
+-                        len = state->head->extra_len - state->length;
++                        state->head->extra != Z_NULL &&
++                        (len = state->head->extra_len - state->length) <
++				state->head->extra_max) {
+                         zmemcpy(state->head->extra + len, next,
+                                 len + copy > state->head->extra_max ?
+                                 state->head->extra_max - len : copy);
+-- 
+2.34.1
+
diff --git a/SPECS/ceph/ceph.spec b/SPECS/ceph/ceph.spec
@@ -5,7 +5,7 @@
 Summary:        User space components of the Ceph file system
 Name:           ceph
 Version:        16.2.10
-Release:        6%{?dist}
+Release:        7%{?dist}
 License:        LGPLv2 and LGPLv3 and CC-BY-SA and GPLv2 and Boost and BSD and MIT and Public Domain and GPLv3 and ASL-2.0
 URL:            https://ceph.io/
 Vendor:         Microsoft Corporation
@@ -17,7 +17,7 @@ Patch2:         CVE-2022-3650.patch
 Patch3:         CVE-2022-3854.patch
 Patch4:         CVE-2023-43040.patch
 Patch5:         CVE-2024-38517.patch
-
+Patch6:		CVE-2025-1744.patch
 # 
 # Copyright (C) 2004-2019 The Ceph Project Developers. See COPYING file
 # at the top-level directory of this distribution and at
@@ -1813,6 +1813,8 @@ exit 0
 %config %{_sysconfdir}/prometheus/ceph/ceph_default_alerts.yml
 
 %changelog
+* Tue Mar 11 2025 Kavya Sree Kaitepalli <kkaitepalli@microsoft.com> - 16.2.10-7
+- Patch CVE-2025-1744
 * Sat Aug 24 2024 Jon Slobodzian <joslobo@microsoft.com> - 16.2.10-6
 - Add missing Requires for shadow-utils
 
