From 327a87fffbe010bc1deb1be6d6a198ff7520fba9 Mon Sep 17 00:00:00 2001 From: Deepak Rathore Date: Fri, 12 Jun 2026 10:50:49 -0700 Subject: [PATCH] binutils: Fix CVE-2025-69644 This patch updates the existing CVE-2025-69647 backport metadata for CVE-2025-69644. NVD records for CVE-2025-69644 and CVE-2025-69647 reference the same upstream binutils fix commit [1], and the public CVE advisories are referenced in [2] and [3]. [1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7 [2] https://nvd.nist.gov/vuln/detail/CVE-2025-69644 [3] https://nvd.nist.gov/vuln/detail/CVE-2025-69647 (From OE-Core rev: 267ff299a6fe6f65e0dd86f5e59bb013921526ce) Signed-off-by: Deepak Rathore Signed-off-by: Yoann Congal Signed-off-by: Paul Barker --- meta/recipes-devtools/binutils/binutils-2.42.inc | 2 +- ...VE-2025-69647.patch => CVE-2025-69644-CVE-2025-69647.patch} | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) rename meta/recipes-devtools/binutils/binutils/{CVE-2025-69647.patch => CVE-2025-69644-CVE-2025-69647.patch} (96%) diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc index 1a865c45f4..7e83f72632 100644 --- a/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -72,7 +72,7 @@ SRC_URI = "\ file://0028-CVE-2025-11494.patch \ file://0029-CVE-2025-11839.patch \ file://0030-CVE-2025-11840.patch \ - file://CVE-2025-69647.patch \ + file://CVE-2025-69644-CVE-2025-69647.patch \ file://CVE-2025-69648.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-69647.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-69644-CVE-2025-69647.patch similarity index 96% rename from meta/recipes-devtools/binutils/binutils/CVE-2025-69647.patch rename to meta/recipes-devtools/binutils/binutils/CVE-2025-69644-CVE-2025-69647.patch index 8e3c1c79e7..c6b3cefed2 100644 --- a/meta/recipes-devtools/binutils/binutils/CVE-2025-69647.patch +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-69644-CVE-2025-69647.patch @@ -12,11 +12,12 @@ length too. length too small to read header. Limit length to section size. Limit offset count similarly. -CVE: CVE-2025-69647 +CVE: CVE-2025-69644 CVE-2025-69647 Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=455446bbdc8675f34808187de2bbad4682016ff7] Signed-off-by: Adarsh Jagadish Kamini +Signed-off-by: Deepak Rathore --- binutils/dwarf.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-)