1 files changed, 53 insertions, 0 deletions

diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/CVE-2022-39028.patch b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/CVE-2022-39028.patch
new file mode 100644
index 0000000000..e8c3f1d84b
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/CVE-2022-39028.patch
@@ -0,0 +1,53 @@
+From 4133a888aa256312186962ab70d4a36eed5920c1 Mon Sep 17 00:00:00 2001
+From: Brooks Davis <brooks@FreeBSD.org>
+Date: Mon, 26 Sep 2022 18:56:51 +0100
+Subject: [PATCH] telnetd: fix two-byte input crash
+
+Move initialization of the slc table earlier so it doesn't get
+accessed before that happens.
+
+For details on the issue, see:
+https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
+
+Reviewed by:	cy
+Obtained from:	NetBSD via cy
+Differential Revision:	https://reviews.freebsd.org/D36680
+
+CVE: CVE-2022-39028
+Upstream-Status: Backport [https://cgit.freebsd.org/src/commit/?id=6914ffef4e23]
+
+(cherry picked from commit 6914ffef4e2318ca1d0ead28eafb6f06055ce0f8)
+Signed-off-by: Sanjay Chitroda <sanjay.chitroda@einfochips.com>
+
+---
+ telnetd/telnetd.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/telnetd/telnetd.c b/telnetd/telnetd.c
+index f36f505..efa0fe1 100644
+--- a/telnetd/telnetd.c
++++ b/telnetd/telnetd.c
+@@ -615,6 +615,11 @@ doit(struct sockaddr_in *who)
+ 	int level;
+ 	char user_name[256];
+ 
++	/*
++	 * Initialize the slc mapping table.
++	 */
++	get_slc_defaults();
++
+ 	/*
+ 	 * Find an available pty to use.
+ 	 */
+@@ -698,11 +703,6 @@ void telnet(int f, int p)
+     char *HE;
+     const char *IM;
+ 
+-    /*
+-     * Initialize the slc mapping table.
+-     */
+-    get_slc_defaults();
+-
+     /*
+      * Do some tests where it is desireable to wait for a response.
+      * Rather than doing them slowly, one at a time, do them all