1 files changed, 37 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch
new file mode 100644
index 0000000000..46ec0b15a3
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch
@@ -0,0 +1,37 @@
+From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Wed, 19 Oct 2022 15:09:12 +0100
+Subject: [PATCH] Fix an illegal memory access when parsing an ELF file
+ containing corrupt symbol version information.
+        PR 29699
+        * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field
+        of the section header is zero.
+Upstream-Status: Backport
+[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+---
+ bfd/ChangeLog | 6 ++++++
+ bfd/elf.c     | 4 +++-
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+diff --git a/bfd/elf.c b/bfd/elf.c
+index fe00e0f9189..7cd7febcf95 100644
+--- a/bfd/elf.c
+++ b/bfd/elf.c
+@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+          bfd_set_error (bfd_error_file_too_big);
+          goto error_return_verref;
+        }
+-      elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt);
+      if (amt == 0)
+       goto error_return_verref;
+      elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verref == NULL)
+        goto error_return_verref;
+ 
+-- 
+2.31.1

diff --git a/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch new file mode 100644 index 0000000000..46ec0b15a3 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch
@@ -0,0 +1,37 @@
	1	From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001
	2	From: Nick Clifton <nickc@redhat.com>
	3	Date: Wed, 19 Oct 2022 15:09:12 +0100
	4	Subject: [PATCH] Fix an illegal memory access when parsing an ELF file
	5	containing corrupt symbol version information.
	6
	7	PR 29699
	8	* elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field
	9	of the section header is zero.
	10
	11	Upstream-Status: Backport
	12	[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
	13
	14	Signed-off-by: Pgowda <pgowda.cve@gmail.com>
	15	---
	16	bfd/ChangeLog \| 6 ++++++
	17	bfd/elf.c \| 4 +++-
	18	2 files changed, 9 insertions(+), 1 deletion(-)
	19
	20	diff --git a/bfd/elf.c b/bfd/elf.c
	21	index fe00e0f9189..7cd7febcf95 100644
	22	--- a/bfd/elf.c
	23	+++ b/bfd/elf.c
	24	@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
	25	bfd_set_error (bfd_error_file_too_big);
	26	goto error_return_verref;
	27	}
	28	- elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt);
	29	+ if (amt == 0)
	30	+ goto error_return_verref;
	31	+ elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt);
	32	if (elf_tdata (abfd)->verref == NULL)
	33	goto error_return_verref;
	34
	35	--
	36	2.31.1
	37