summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.30.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2018-6872.patch50
2 files changed, 51 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.30.inc b/meta/recipes-devtools/binutils/binutils-2.30.inc
index 1952d46c20..23625d1a1b 100644
--- a/meta/recipes-devtools/binutils/binutils-2.30.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.30.inc
@@ -37,6 +37,7 @@ SRC_URI = "\
37 file://0015-sync-with-OE-libtool-changes.patch \ 37 file://0015-sync-with-OE-libtool-changes.patch \
38 file://CVE-2018-8945.patch \ 38 file://CVE-2018-8945.patch \
39 file://CVE-2018-7643.patch \ 39 file://CVE-2018-7643.patch \
40 file://CVE-2018-6872.patch \
40" 41"
41S = "${WORKDIR}/git" 42S = "${WORKDIR}/git"
42 43
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-6872.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-6872.patch
new file mode 100644
index 0000000000..2ef36c232c
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-6872.patch
@@ -0,0 +1,50 @@
1From d895ef77ffc94e02e748856c2ab54f5bb8cc867e Mon Sep 17 00:00:00 2001
2From: Nick Clifton <nickc@redhat.com>
3Date: Fri, 9 Feb 2018 09:28:45 +0000
4Subject: [PATCH] Import patch from mainline to fix possible seg-fault whilst
5 parsing corrupt ELF notes with extravagent alignments.
6
7 PR 22788
8 * elf.c (elf_parse_notes): Reject notes with excessuively large
9 alignments.
10
11Upstream-Status: Backport
12Affects: Binutils <= 2.30
13CVE: CVE-2018-6872
14Signed-off-by: Armin Kuster <akuster@mvista.com>
15
16---
17 bfd/ChangeLog | 9 +++++++++
18 bfd/elf.c | 2 ++
19 2 files changed, 11 insertions(+)
20
21Index: git/bfd/elf.c
22===================================================================
23--- git.orig/bfd/elf.c
24+++ git/bfd/elf.c
25@@ -11020,6 +11020,8 @@ elf_parse_notes (bfd *abfd, char *buf, s
26 align is less than 4, we use 4 byte alignment. */
27 if (align < 4)
28 align = 4;
29+ if (align != 4 && align != 8)
30+ return FALSE;
31
32 p = buf;
33 while (p < buf + size)
34Index: git/bfd/ChangeLog
35===================================================================
36--- git.orig/bfd/ChangeLog
37+++ git/bfd/ChangeLog
38@@ -1,3 +1,12 @@
39+2018-02-09 Nick Clifton <nickc@redhat.com>
40+
41+ Import patch from mainline:
42+ 2018-02-08 Nick Clifton <nickc@redhat.com>
43+
44+ PR 22788
45+ * elf.c (elf_parse_notes): Reject notes with excessuively large
46+ alignments.
47+
48 2018-03-01 Nick Clifton <nickc@redhat.com>
49
50 PR 22905