Details: https://nvd.nist.gov/vuln/detail/CVE-2024-27983
Pick the patch that mentions this CVE ID explcitly in its commit message. Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../nodejs/nodejs/CVE-2024-27983.patch | 40 +++++++++++++++++++ .../recipes-devtools/nodejs/nodejs_16.20.2.bb | 1 + 2 files changed, 41 insertions(+) create mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/CVE-2024-27983.patch diff --git a/meta-oe/recipes-devtools/nodejs/nodejs/CVE-2024-27983.patch b/meta-oe/recipes-devtools/nodejs/nodejs/CVE-2024-27983.patch new file mode 100644 index 0000000000..895a92052f --- /dev/null +++ b/meta-oe/recipes-devtools/nodejs/nodejs/CVE-2024-27983.patch @@ -0,0 +1,40 @@ +From a8e022586ffe06a27709f4d8c03f328e3042a77d Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari <[email protected]> +Date: Tue, 26 Mar 2024 15:55:13 -0300 +Subject: [PATCH] src: ensure to close stream when destroying session + +From: RafaelGSS <[email protected]> + +Co-Authored-By: Anna Henningsen <[email protected]> +PR-URL: https://github.com/nodejs-private/node-private/pull/561 +Fixes: https://hackerone.com/reports/2319584 +Reviewed-By: Michael Dawson <[email protected]> +Reviewed-By: Marco Ippolito <[email protected]> +Reviewed-By: Matteo Collina <[email protected]> +Reviewed-By: Benjamin Gruenbaum <[email protected]> +CVE-ID: CVE-2024-27983 + +CVE: CVE-2024-27983 +Upstream-Status: Backport [https://github.com/nodejs/node/commit/0fb816dbccde955cd24acc1b16497a91fab507c8] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + src/node_http2.cc | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/node_http2.cc b/src/node_http2.cc +index 53216dc..9a6d63d 100644 +--- a/src/node_http2.cc ++++ b/src/node_http2.cc +@@ -529,6 +529,12 @@ Http2Session::Http2Session(Http2State* http2_state, + Http2Session::~Http2Session() { + CHECK(!is_in_scope()); + Debug(this, "freeing nghttp2 session"); ++ // Ensure that all `Http2Stream` instances and the memory they hold ++ // on to are destroyed before the nghttp2 session is. ++ for (const auto& [id, stream] : streams_) { ++ stream->Detach(); ++ } ++ streams_.clear(); + // Explicitly reset session_ so the subsequent + // current_nghttp2_memory_ check passes. + session_.reset(); diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb index 9c279d1463..9326b26421 100644 --- a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb +++ b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb @@ -31,6 +31,7 @@ SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \ file://CVE-2024-22025.patch \ file://CVE-2023-46809.patch \ file://CVE-2023-39333.patch \ + file://CVE-2024-27983.patch \ " SRC_URI:append:class-target = " \ file://0001-Using-native-binaries.patch \
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123094): https://lists.openembedded.org/g/openembedded-devel/message/123094 Mute This Topic: https://lists.openembedded.org/mt/117039639/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
