binutils: Fix CVE-2025-69644

This patch updates the existing CVE-2025-69647 backport metadata for CVE-2025-69644. NVD records for CVE-2025-69644 and CVE-2025-69647 reference the same upstream binutils fix commit [1], and the public CVE advisories are referenced in [2] and [3]. [1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7 [2] https://nvd.nist.gov/vuln/detail/CVE-2025-69644 [3] https://nvd.nist.gov/vuln/detail/CVE-2025-69647 (From OE-Core rev: 267ff299a6fe6f65e0dd86f5e59bb013921526ce) Signed-off-by: Deepak Rathore <deeratho@cisco.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-30 02:13:38 +02:00 · 2026-06-12 10:50:49 -07:00
parent 7d782f3ed0
commit 327a87fffb
2 changed files with 3 additions and 2 deletions
--- a/meta/recipes-devtools/binutils/binutils-2.42.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.42.inc
@@ -72,7 +72,7 @@ SRC_URI = "\
     file://0028-CVE-2025-11494.patch \
     file://0029-CVE-2025-11839.patch \
     file://0030-CVE-2025-11840.patch \
-     file://CVE-2025-69647.patch \
+     file://CVE-2025-69644-CVE-2025-69647.patch \
     file://CVE-2025-69648.patch \
 "
 S  = "${WORKDIR}/git"
--- a/meta/recipes-devtools/binutils/binutils/CVE-2025-69644-CVE-2025-69647.patch
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-69644-CVE-2025-69647.patch
@@ -12,11 +12,12 @@ length too.
 	length too small to read header.  Limit length to section
 	size.  Limit offset count similarly.

-CVE: CVE-2025-69647
+CVE: CVE-2025-69644 CVE-2025-69647

 Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7]

 Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
+Signed-off-by: Deepak Rathore <deeratho@cisco.com>
 ---
 binutils/dwarf.c | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)