mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

binutils: CVE-2022-48063

Browse Source 
Source: Binutils
MR: 128800
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd
ChangeID: ab04e4ec62d054c90d94f82230adb2342ce1ee1b
Description:

Affects binutils < 2.40

(From OE-Core rev: 80a8d16a4038868469b4583404b6f73e12bae0f1)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Armin Kuster
2023-10-17 13:36:54 -04:00
committed by Steve Sakoman
parent 8391218990
commit f550a63161
2 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-devtools/binutils/binutils-2.38.inc
View File

@@ -65,5 +65,6 @@ SRC_URI = "\
file://0031-CVE-2022-45703-1.patch \
file://0031-CVE-2022-45703-2.patch \
file://0031-CVE-2022-47695.patch \
file://CVE-2022-48063.patch \
"
S = "${WORKDIR}/git"

48
meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch Normal file
View File

@@ -0,0 +1,48 @@
From 75393a2d54bcc40053e5262a3de9d70c5ebfbbfd Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Wed, 21 Dec 2022 11:51:23 +0000
Subject: [PATCH] Fix an attempt to allocate an unreasonably large amount of
memory when parsing a corrupt ELF file.
PR 29924
* objdump.c (load_specific_debug_section): Check for excessively
large sections.
Upstream-Status: Backport
CVE: CVE-2022-48063
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
binutils/ChangeLog | 6 ++++++
binutils/objdump.c | 4 +++-
2 files changed, 9 insertions(+), 1 deletion(-)
Index: git/binutils/objdump.c
===================================================================
--- git.orig/binutils/objdump.c
+++ git/binutils/objdump.c
@@ -3768,7 +3768,9 @@ load_specific_debug_section (enum dwarf_
section->size = bfd_section_size (sec);
/* PR 24360: On 32-bit hosts sizeof (size_t) < sizeof (bfd_size_type). */
alloced = amt = section->size + 1;
- if (alloced != amt || alloced == 0)
+ if (alloced != amt
+ || alloced == 0
+ || (bfd_get_size (abfd) != 0 && alloced >= bfd_get_size (abfd)))
{
section->start = NULL;
free_debug_section (debug);
Index: git/binutils/ChangeLog
===================================================================
--- git.orig/binutils/ChangeLog
+++ git/binutils/ChangeLog
@@ -1,3 +1,9 @@
+2022-12-21 Nick Clifton <nickc@redhat.com>
+
+ PR 29924
+ * objdump.c (load_specific_debug_section): Check for excessively
+ large sections.
+
2022-03-23 Nick Clifton <nickc@redhat.com>
Import patch from mainline: