From 85dda3f6eef5dc24f2d32c52e03790bb016761b3 Mon Sep 17 00:00:00 2001
From: root
Date: Thu, 23 Dec 2021 15:19:45 +0800
Subject: [PATCH] CVE-2021-44225
---
 CVE-2021-44225.patch | 39 +++++++++++++++++++++++++++++++++++++++
 keepalived.spec | 9 ++++++++-
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2021-44225.patch
diff --git a/CVE-2021-44225.patch b/CVE-2021-44225.patch
new file mode 100644
index 0000000..802484f
--- /dev/null
+++ b/CVE-2021-44225.patch
@@ -0,0 +1,39 @@
+From 7977fec0be89ae6fe87405b3f8da2f0b5e415e3d Mon Sep 17 00:00:00 2001
+From: Vincent Bernat
+Date: Tue, 23 Nov 2021 06:50:59 +0100
+Subject: [PATCH] dbus: fix policy to not be overly broad
+The DBus policy did not restrict the message destination, allowing any
+user to inspect and manipulate any property.
+CVE-2021-44225
+https://nvd.nist.gov/vuln/detail/CVE-2021-44225
+Reference:https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d.patch
+Conflict:NA
+Signed-off-by: Vincent Bernat
+---
+ keepalived/dbus/org.keepalived.Vrrp1.conf | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+diff --git a/keepalived/dbus/org.keepalived.Vrrp1.conf b/keepalived/dbus/org.keepalived.Vrrp1.conf
+index 2b78a575c..b5ced6085 100644
+--- a/keepalived/dbus/org.keepalived.Vrrp1.conf
++++ b/keepalived/dbus/org.keepalived.Vrrp1.conf
+@@ -3,12 +3,15 @@
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+ + +- +- ++ ++ + + +- +- +- ++ ++ ++ + + 
diff --git a/keepalived.spec b/keepalived.spec
index 0a7a834..2f1970b 100644
--- a/keepalived.spec
+++ b/keepalived.spec
@@ -9,7 +9,7 @@ Name: keepalived
 Version: 2.0.20
-Release: 18
+Release: 19
 Summary: High Availability monitor built upon LVS, VRRP and service pollers
 License: GPLv2+
 URL: http://www.keepalived.org/
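Review bot: In the new CVE-2021-44225.patch hunk the DBus policy change cannot be verified as committed: the inner header `@@ -3,12 +3,15 @@` and diffstat `8 insertions(+), 5 deletions(-)` promise eight added lines, yet only five `++` lines are present and every policy line is empty, so the `send_destination` restriction the message describes is not visible. This may be an artifact of how the page was rendered, but before building, compare the committed file byte for byte against upstream 7977fec0 at the `Reference:` URL, since a truncated policy would either keep the overly broad rules in place or break keepalived's own bus access. The fix also only takes effect if the package is built with DBus support and installs `org.keepalived.Vrrp1.conf` into the system bus policy directory; both are presumably handled in spec sections outside this hunk, so confirm them there.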
@@ -27,6 +27,7 @@ Patch0008: 0008-ipvs-fix-a-file-descriptor-leak-with-SSL_GET.patch
 Patch0009: 0009-core-Fix-a-file-descriptor-leak-when-reloading.patch
 Patch0010: 0010-vrrp-Don-t-segfault-when-a-VRID-is-changed-on-a-VMAC.patch
 Patch0011: 0011-vrrp-clear-old_vrrp_data-and-old_global_data-when-me.patch
+Patch0012: CVE-2021-44225.patch
 BuildRequires: net-snmp-devel gcc systemd-units openssl-devel libnl3-devel
 BuildRequires: ipset-devel iptables-devel libnfnetlink-devel libnftnl-devel
@@ -102,6 +103,12 @@ install -Dd -m 0755 %{buildroot}%{_libexecdir}/keepalived
 %{_mandir}/man*
 %changelog
+* Thu Dec 23 2021 wangxp006 - 2.0.20-19
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix CVE-2021-44225
+
 * Thu Jun 10 2021 kwb0523 - 2.0.20-18
 - backport upstream patchs
-- Gitee
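Review bot: `Patch0012: CVE-2021-44225.patch` only declares the patch; whether it is applied depends on the `%prep` section, which lies outside this hunk, so confirm it uses `%autosetup -p1` (or gains a matching `%patch0012 -p1`, the embedded diff uses `a/` and `b/` prefixes) — the release bump alone does not prove the fix reaches the built package. The name also breaks the existing `NNNN-description.patch` series; `0012-dbus-fix-policy-to-not-be-overly-broad-CVE-2021-44225.patch` would keep the list ordered and self-describing.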