|
| 1 | +From eef7621da1f785e18481bf746af4e08e5f21495e Mon Sep 17 00:00:00 2001 |
| 2 | +From: AllSpark <allspark@microsoft.com> |
| 3 | +Date: Mon, 12 Jan 2026 16:41:13 +0000 |
| 4 | +Subject: [PATCH] Fix CVE-2025-13151: Prevent stack-based buffer overflow by |
| 5 | + increasing buffer size in decoding.c; Update NEWS with vulnerability fix note |
| 6 | + |
| 7 | +Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> |
| 8 | +Upstream-reference: AI Backport of https://gitlab.com/gnutls/libtasn1/-/commit/d276cc495a2a32b182c3c39851f1ba58f2d9f9b8.patch |
| 9 | +--- |
| 10 | + NEWS | 2 ++ |
| 11 | + lib/minitasn1/decoding.c | 2 +- |
| 12 | + 2 files changed, 3 insertions(+), 1 deletion(-) |
| 13 | + |
| 14 | +diff --git a/NEWS b/NEWS |
| 15 | +index 5e32a3b..c9852ba 100644 |
| 16 | +--- a/NEWS |
| 17 | ++++ b/NEWS |
| 18 | +@@ -5,6 +5,8 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. |
| 19 | + Copyright (C) 2013-2019 Nikos Mavrogiannopoulos |
| 20 | + See the end for copying conditions. |
| 21 | + |
| 22 | ++- Fix for vulnerbaility CVE-2025-13151 Stack-based buffer overflow |
| 23 | ++ |
| 24 | + * Version 3.8.3 (released 2024-01-16) |
| 25 | + |
| 26 | + ** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange |
| 27 | +diff --git a/lib/minitasn1/decoding.c b/lib/minitasn1/decoding.c |
| 28 | +index b9245c4..bc45138 100644 |
| 29 | +--- a/lib/minitasn1/decoding.c |
| 30 | ++++ b/lib/minitasn1/decoding.c |
| 31 | +@@ -1976,7 +1976,7 @@ int |
| 32 | + asn1_expand_octet_string (asn1_node_const definitions, asn1_node * element, |
| 33 | + const char *octetName, const char *objectName) |
| 34 | + { |
| 35 | +- char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE]; |
| 36 | ++ char name[2 * ASN1_MAX_NAME_SIZE + 2], value[ASN1_MAX_NAME_SIZE]; |
| 37 | + int retCode = ASN1_SUCCESS, result; |
| 38 | + int len, len2, len3; |
| 39 | + asn1_node_const p2; |
| 40 | +-- |
| 41 | +2.45.4 |
| 42 | + |
0 commit comments