From a4d0878c5e88ec2b59a745afeae4e5be398fb686 Mon Sep 17 00:00:00 2001
From: bwzhang
Date: Fri, 15 Mar 2024 09:48:52 +0800
Subject: [PATCH] fix CVE-2022-23471

---
 0002-Fix-CVE-2022-23471.patch | 59 +++++++++++++++++++++++++++++++++++
 k3s-containerd.spec | 9 +++++-
 2 files changed, 67 insertions(+), 1 deletion(-)
 create mode 100644 0002-Fix-CVE-2022-23471.patch

diff --git a/0002-Fix-CVE-2022-23471.patch b/0002-Fix-CVE-2022-23471.patch
new file mode 100644
index 0000000..016b034
--- /dev/null
+++ b/0002-Fix-CVE-2022-23471.patch
@@ -0,0 +1,59 @@
+From 0550bb17949c1793e0da20270d3793d0e7583b1e Mon Sep 17 00:00:00 2001
+From: bwzhang
+Date: Fri, 15 Mar 2024 09:33:45 +0800
+Subject: [PATCH] Fix CVE-2022-23471
+
+---
+ pkg/cri/streaming/remotecommand/httpstream.go | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/pkg/cri/streaming/remotecommand/httpstream.go b/pkg/cri/streaming/remotecommand/httpstream.go
+index 0417a1a..9177fa7 100644
+--- a/pkg/cri/streaming/remotecommand/httpstream.go
++++ b/pkg/cri/streaming/remotecommand/httpstream.go
+@@ -33,6 +33,7 @@ limitations under the License.
+ package remotecommand
+ 
+ import (
++ gocontext "context"
+ "encoding/json"
+ "errors"
+ "fmt"
+@@ -132,7 +133,7 @@ func createStreams(req *http.Request, w http.ResponseWriter, opts *Options, supp
+ 
+ if ctx.resizeStream != nil {
+ ctx.resizeChan = make(chan remotecommand.TerminalSize)
+- go handleResizeEvents(ctx.resizeStream, ctx.resizeChan)
++ go handleResizeEvents(req.Context(), ctx.resizeStream, ctx.resizeChan)
+ }
+ 
+ return ctx, true
+@@ -425,7 +426,7 @@ WaitForStreams:
+ // supportsTerminalResizing returns false because v1ProtocolHandler doesn't support it.
+ func (*v1ProtocolHandler) supportsTerminalResizing() bool { return false }
+ 
+-func handleResizeEvents(stream io.Reader, channel chan<- remotecommand.TerminalSize) {
++func handleResizeEvents(ctx gocontext.Context, stream io.Reader, channel chan<- remotecommand.TerminalSize) {
+ defer runtime.HandleCrash()
+ defer close(channel)
+ 
+@@ -435,7 +436,15 @@ func handleResizeEvents(stream io.Reader, channel chan<- remotecommand.TerminalS
+ if err := decoder.Decode(&size); err != nil {
+ break
+ }
+- channel <- size
++
++ select {
++ case channel <- size:
++ case <-ctx.Done():
++ // To avoid leaking this routine, exit if the http request finishes. This path
++ // would generally be hit if starting the process fails and nothing is started to
++ // ingest these resize events.
++ return
++ }
+ }
+ }
+ 
+-- 
+2.20.1
+
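Review bot: The `ctx.Done()` case in the new `select` in handleResizeEvents is only reached after `decoder.Decode` returns, so a resize stream that stays open but idle keeps this goroutine blocked inside Decode regardless of the request context; the leak fix therefore still relies on the caller closing `ctx.resizeStream` (or the underlying connection) when the request ends, which happens outside this hunk, as does the head of handleResizeEvents' decode loop. I would say so in the added comment, e.g. `// Decode still blocks while the stream is open; the caller must close the stream/connection for this to unblock.` As far as the visible lines show, the change matches the shape of the upstream containerd fix for this CVE (hand `req.Context()` to the goroutine and select on it alongside the channel send), and the nested hunk line counts are consistent, so the backport itself looks faithful. The nested patch header carries no upstream reference; adding the upstream commit id or advisory link to its description would let the next rebase verify the backport instead of re-deriving it.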
diff --git a/k3s-containerd.spec b/k3s-containerd.spec
index 3a2bad6..0e3fcf8 100644
--- a/k3s-containerd.spec
+++ b/k3s-containerd.spec
@@ -3,13 +3,14 @@ %global version_suffix k3s1
 Version: 1.6.6
 Name: k3s-containerd
-Release: 5
+Release: 6
 Summary: An industry-standard container runtime
 License: Apache-2.0
 URL: https://github.com/k3s-io/containerd
 Source0: https://github.com/k3s-io/containerd/archive/refs/tags/v%{version}-%{version_suffix}.tar.gz
 Patch0001: 0001-Fix-CVE-2023-25153.patch
+Patch0002: 0002-Fix-CVE-2022-23471.patch
 BuildRequires: golang glibc-static make btrfs-progs-devel
@@ -70,6 +71,12 @@ cp -rf %{_builddir}/containerd-%{version}-%{version_suffix}/. %{buildroot}%{_lib
 %changelog
+* Fri Mar 15 2024 zhangbowei - 1.6.6-k3s1-6
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC: fix CVE-2022-23471
+
 * Wed Mar 13 2024 zhangbowei - 1.6.6-k3s1-5
 - Type:bugfix
 - CVE:NA
-- Gitee
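Review bot: The new `%changelog` entry records `- CVE:NA` while its `DESC` line and the commit subject say this release fixes CVE-2022-23471; the CVE field is what downstream advisory tooling matches builds against, so it should read `- CVE:CVE-2022-23471` (and under the same convention `Type` is usually `cves` rather than `bugfix`, though I cannot see the project's template from here). The `Patch0002` declaration in the first hunk is consistent with the new file added alongside it, but whether the patch is actually applied depends on the `%prep` section, which is outside this diff; worth confirming the build log shows it being applied.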