[Medium] patch bcc for CVE-2025-29481 (#13426)

Author: jykanase

SPECS/bcc/CVE-2025-29481.patch

@@ -0,0 +1,40 @@
+From bdf29d4b10368cb895961356c09262c16f10d4cf Mon Sep 17 00:00:00 2001
+From: jykanase <[email protected]>
+Date: Mon, 14 Apr 2025 12:42:44 +0000
+Subject: [PATCH] CVE
+
+Upstream patch reference: https://lore.kernel.org/bpf/[email protected]/
+---
+ libbpf-tools/bpftool/libbpf/src/libbpf.c | 2 +-
+ src/cc/libbpf/src/libbpf.c               | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libbpf-tools/bpftool/libbpf/src/libbpf.c b/libbpf-tools/bpftool/libbpf/src/libbpf.c
+index 3ad1392..4d8da50 100644
+--- a/libbpf-tools/bpftool/libbpf/src/libbpf.c
++++ b/libbpf-tools/bpftool/libbpf/src/libbpf.c
+@@ -816,7 +816,7 @@ bpf_object__add_programs(struct bpf_object *obj, Elf_Data *sec_data,
+ 			return -LIBBPF_ERRNO__FORMAT;
+ 		}
+ 
+-		if (sec_off + prog_sz > sec_sz) {
++		if (sec_off >= sec_sz || sec_off + prog_sz > sec_sz) {
+ 			pr_warn("sec '%s': program at offset %zu crosses section boundary\n",
+ 				sec_name, sec_off);
+ 			return -LIBBPF_ERRNO__FORMAT;
+diff --git a/src/cc/libbpf/src/libbpf.c b/src/cc/libbpf/src/libbpf.c
+index 2600d83..40d791a 100644
+--- a/src/cc/libbpf/src/libbpf.c
++++ b/src/cc/libbpf/src/libbpf.c
+@@ -826,7 +826,7 @@ bpf_object__add_programs(struct bpf_object *obj, Elf_Data *sec_data,
+ 			return -LIBBPF_ERRNO__FORMAT;
+ 		}
+ 
+-		if (sec_off + prog_sz > sec_sz) {
++		if (sec_off >= sec_sz || sec_off + prog_sz > sec_sz) {
+ 			pr_warn("sec '%s': program at offset %zu crosses section boundary\n",
+ 				sec_name, sec_off);
+ 			return -LIBBPF_ERRNO__FORMAT;
+-- 
+2.45.2
+

SPECS/bcc/bcc.spec

@@ -2,7 +2,7 @@
 Summary:        BPF Compiler Collection (BCC)
 Name:           bcc
 Version:        0.29.1
-Release:        2%{?dist}
+Release:        3%{?dist}
 License:        ASL 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -11,6 +11,7 @@ URL:            https://github.com/iovisor/bcc
 # Upstream now provides a release with the git submodule embedded in it
 Source0:        https://github.com/iovisor/bcc/releases/download/v%{version}/%{name}-src-with-submodule.tar.gz#/%{name}-%{version}.tar.gz
 Patch0:         CVE-2024-2314.patch
+Patch1:         CVE-2025-29481.patch
 BuildRequires:  bison
 BuildRequires:  clang-devel
 BuildRequires:  cmake >= 2.8.7
@@ -123,6 +124,9 @@ find %{buildroot}%{_lib64dir} -name '*.a' -delete
 %{_datadir}/%{name}/man/*
 
 %changelog
+* Mon Apr 14 2025 Jyoti Kanase <[email protected]> - 0.29.1-3
+- Patch CVE-2025-29481
+
 * Tue Mar 18 2025 Jyoti Kanase <[email protected]> - 0.29.1-2
 - Fix CVE-2024-2314