summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2025-08-25 23:15:00 +0200
committerSteve Sakoman <steve@sakoman.com>2025-09-09 09:30:07 -0700
commit6f906dc9cf38b44ecc07410d5ff29e54eabe6eff (patch)
treee21a45cbad04ecd65a66c03110e3b734844f4a51
parent343adc0de05d4d1ef84bee6b76b5dedbcb587fb1 (diff)
downloadpoky-6f906dc9cf38b44ecc07410d5ff29e54eabe6eff.tar.gz
binutils: patch CVE-2025-8225
Pick commit [1] mentioned in [2]. [1] https://gitlab.com/gnutools/binutils-gdb/-/commit/e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4 [2] https://nvd.nist.gov/vuln/detail/CVE-2025-8225 Testsuite did not show any changes in results: === binutils Summary === # of expected passes 310 # of unexpected failures 1 # of untested testcases 1 # of unsupported tests 9 (From OE-Core rev: 3d79514f90a6f731a5333417641500b8e52e410a) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.44.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/0019-CVE-2025-8225.patch41
2 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc
index 5ee82fa0e5..a217d07e8c 100644
--- a/meta/recipes-devtools/binutils/binutils-2.44.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.44.inc
@@ -46,6 +46,7 @@ SRC_URI = "\
46 file://0018-CVE-2025-5245.patch \ 46 file://0018-CVE-2025-5245.patch \
47 file://0019-CVE-2025-7545.patch \ 47 file://0019-CVE-2025-7545.patch \
48 file://0018-CVE-2025-7546.patch \ 48 file://0018-CVE-2025-7546.patch \
49 file://0019-CVE-2025-8225.patch \
49 file://0020-Fix-for-borken-symlinks.patch \ 50 file://0020-Fix-for-borken-symlinks.patch \
50" 51"
51S = "${WORKDIR}/git" 52S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0019-CVE-2025-8225.patch b/meta/recipes-devtools/binutils/binutils/0019-CVE-2025-8225.patch
new file mode 100644
index 0000000000..43bc4c56d8
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0019-CVE-2025-8225.patch
@@ -0,0 +1,41 @@
1From e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4 Mon Sep 17 00:00:00 2001
2From: Alan Modra <amodra@gmail.com>
3Date: Wed, 19 Feb 2025 22:45:29 +1030
4Subject: [PATCH] binutils/dwarf.c debug_information leak
5
6It is possible with fuzzed files to have num_debug_info_entries zero
7after allocating space for debug_information, leading to multiple
8allocations.
9
10 * dwarf.c (process_debug_info): Don't test num_debug_info_entries
11 to determine whether debug_information has been allocated,
12 test alloc_num_debug_info_entries.
13
14CVE: CVE-2025-8225
15Upstream-Status: Backport [https://gitlab.com/gnutools/binutils-gdb/-/commit/e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4]
16Signed-off-by: Peter Marko <peter.marko@siemens.com>
17---
18 binutils/dwarf.c | 8 +++-----
19 1 file changed, 3 insertions(+), 5 deletions(-)
20
21diff --git a/binutils/dwarf.c b/binutils/dwarf.c
22index 8e004cea839..bfbf83ec9f4 100644
23--- a/binutils/dwarf.c
24+++ b/binutils/dwarf.c
25@@ -3807,13 +3807,11 @@ process_debug_info (struct dwarf_section * section,
26 }
27
28 if ((do_loc || do_debug_loc || do_debug_ranges || do_debug_info)
29- && num_debug_info_entries == 0
30- && ! do_types)
31+ && alloc_num_debug_info_entries == 0
32+ && !do_types)
33 {
34-
35 /* Then allocate an array to hold the information. */
36- debug_information = (debug_info *) cmalloc (num_units,
37- sizeof (* debug_information));
38+ debug_information = cmalloc (num_units, sizeof (*debug_information));
39 if (debug_information == NULL)
40 {
41 error (_("Not enough memory for a debug info array of %u entries\n"),
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-10-04 12:42:39 +0000