[Medium] Patch valkey for CVE-2025-27151 (#14030)

SumitJenaHCL · web-flow · commit 825c141ef7b8 · 2025-06-23T13:58:30.000+05:30
diff --git a/SPECS/valkey/CVE-2025-27151.patch b/SPECS/valkey/CVE-2025-27151.patch
@@ -0,0 +1,30 @@
+From 992e828dc6f1a20b27780892a97ced9dbdd6e75c Mon Sep 17 00:00:00 2001
+From: SumitJenaHCL <v-sumitjena@microsoft.com>
+Date: Tue, 17 Jun 2025 17:46:43 +0000
+Subject: [PATCH] Patch CVE-2025-27151
+
+Upstream Patch Reference: https://github.com/valkey-io/valkey/commit/73696bf6e2cf754acc3ec24eaf9ca6b879bfc5d7
+---
+ src/valkey-check-aof.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/valkey-check-aof.c b/src/valkey-check-aof.c
+index bc71d36..c43c30b 100644
+--- a/src/valkey-check-aof.c
++++ b/src/valkey-check-aof.c
+@@ -556,6 +556,12 @@ int redis_check_aof_main(int argc, char **argv) {
+         goto invalid_args;
+     }
+ 
++    /* Check if filepath is longer than PATH_MAX */
++    if (strnlen(filepath, PATH_MAX + 1) > PATH_MAX) {
++        printf("Error: filepath is too long (exceeds PATH_MAX)\n");
++        goto invalid_args;
++    }
++
+     /* In the glibc implementation dirname may modify their argument. */
+     memcpy(temp_filepath, filepath, strlen(filepath) + 1);
+     dirpath = dirname(temp_filepath);
+-- 
+2.45.2
+
diff --git a/SPECS/valkey/valkey.spec b/SPECS/valkey/valkey.spec
@@ -1,7 +1,7 @@
 Summary:        advanced key-value store
 Name:           valkey
 Version:        8.0.3
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        BSD
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -11,6 +11,7 @@ Source0:        https://github.com/valkey-io/valkey/archive/refs/tags/%{version}
 Patch0:         valkey-conf.patch
 Patch1:         disable-mem-defrag-tests.patch
 Patch2:         CVE-2025-49112.patch
+Patch3:         CVE-2025-27151.patch
 BuildRequires:  gcc
 BuildRequires:  make
 BuildRequires:  openssl-devel
@@ -85,6 +86,9 @@ exit 0
 %config(noreplace) %attr(0640, %{name}, %{name}) %{_sysconfdir}/valkey.conf
 
 %changelog
+* Wed Jun 18 2025 Sumit Jena <v-sumitjena@microsoft.com> - 8.0.3-3
+- Fix CVE-2025-27151
+
 * Thu Jun 12 2025 Sumit Jena <v-sumitjena@microsoft.com> - 8.0.3-2
 - Fix CVE-2025-49112
 
