From 95ed002ace7ecd3016542224fda33d43c4caee2e Mon Sep 17 00:00:00 2001
From: chenhaixiang <chenhaixiang3@huawei.com>
Date: Wed, 3 Aug 2022 18:21:08 +0800
Subject: [PATCH] fix CVE-2021-20269

Signed-off-by: chenhaixiang <chenhaixiang3@huawei.com>
---
 kdump-lib-initramfs.sh | 2 +-
 kexec-tools.spec       | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/kdump-lib-initramfs.sh b/kdump-lib-initramfs.sh
index a7c0bf9..03949ea 100755
--- a/kdump-lib-initramfs.sh
+++ b/kdump-lib-initramfs.sh
@@ -164,7 +164,7 @@ save_vmcore_dmesg_fs() {
     _exitcode=$?
     if [ $_exitcode -eq 0 ]; then
         mv ${_path}/vmcore-dmesg-incomplete.txt ${_path}/vmcore-dmesg.txt
-
+	chmod 400 ${_path}/vmcore-dmesg.txt
         # Make sure file is on disk. There have been instances where later
         # saving vmcore failed and system rebooted without sync and there
         # was no vmcore-dmesg.txt available.
diff --git a/kexec-tools.spec b/kexec-tools.spec
index 285f704..1433c6f 100644
--- a/kexec-tools.spec
+++ b/kexec-tools.spec
@@ -4,7 +4,7 @@
 
 Name: kexec-tools
 Version: 2.0.20
-Release: 17
+Release: 18
 License: GPLv2+
 Summary: The kexec/kdump userspace component
 URL:     https://www.kernel.org/
@@ -318,6 +318,9 @@ done
 %endif
 
 %changelog
+* Wed Aug 3 2022 chenhaixiang <chenhaixiang3@huawei.com> - 2.0.20-18
+- fix CVE-2021-20269
+
 * Mon Apr 25 2022 wangbin <wangbin224@huawei.com> - 2.0.20-17
 - arm64: kdump: deal with a lot of resource entries in /proc/iomem
 
-- 
Gitee