Commit f92e59a0 authored Jul 13, 2023 by Yogita Urade Committed by Steve Sakoman Jul 13, 2023

dmidecode: fix CVE-2023-30630

Dmidecode before 3.5 allows -dump-bin to overwrite a local file.
This has security relevance because, for example, execution of
Dmidecode via Sudo is plausible.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-30630
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00016.html
https://lists.nongnu.org/archive/html/dmidecode-devel/2023-04/msg00017.html



Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

parent 11b6e64c

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 4f83427a
· Aug 03, 2023

mentioned in commit 4f83427a

mentioned in commit 4f83427a0a01e8285c9eb42d2a635d1ff7b23779

Toggle commit list

Please register or to comment