elfutils: Fix CVE-2025-1377 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Soumya Sambu <soumya.sambu@windriver.com>	2025-08-13 17:41:02 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-08-26 06:33:14 -0700
commit	906ca660830dbce5893bb2a0b1a60a7447907b9c (patch)
tree	446849fe046c679bb5788890aa87d33ae3b48612 /documentation/set_versions.py
parent	92ad2bf8854c616aaad3f40429ed2acc414fb027 (diff)
download	poky-906ca660830dbce5893bb2a0b1a60a7447907b9c.tar.gz

elfutils: Fix CVE-2025-1377

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1377 https://ubuntu.com/security/CVE-2025-1377 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba (From OE-Core rev: 36436f0996d3a84fe6a59434dec1a92704110602) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'documentation/set_versions.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: