mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-15 21:23:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
7a01d262a19c472bfebfa1aa314d5b910c9977bd
poky/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch
Harish Sadineni 4c29d2543f binutils: Fix CVE-2025-1182 
Upstream-Status: Submitted [https://sourceware.org/pipermail/binutils/2025-May/141415.html]
CVE: CVE-2025-1182

(From OE-Core rev: 1e6575a4eb6168322a6560af787399267f5fa304)

Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-05-29 15:14:37 +01:00

37 lines
1.1 KiB
Diff
Raw Blame History

From 92bcd04fcd97f261ff40e9248e00a1dbebf3a536 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Tue, 27 May 2025 03:37:50 -0700
Subject: [PATCH] Backport fix for PR 32644(CVE-2025-1182)
Fix another illegal memory access triggered by corrupt ELF input files.
PR 32644
(cherry picked from commit:b425859021d17adf62f06fb904797cf8642986ad)
Upstream-Status: Submitted [https://sourceware.org/pipermail/binutils/2025-May/141415.html]
CVE: CVE-2025-1182
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
---
bfd/elflink.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/bfd/elflink.c b/bfd/elflink.c
index 6346d7e2b4b..a0b237b2224 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -15084,6 +15084,10 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie)
}
else
{
+ if (r_symndx >= rcookie->locsymcount)
+ /* This can happen with corrupt input. */
+ return false;
+
/* It's not a relocation against a global symbol,
but it could be a relocation against a local
symbol for a discarded section. */
--
2.49.0
Reference in New Issue View Git Blame Copy Permalink