elfutils: Fix CVE-2025-1371 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Soumya Sambu <soumya.sambu@windriver.com>	2025-08-13 17:40:59 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-08-26 06:33:14 -0700
commit	f199f5e3a6c3112e348c60695f3509c21af4e911 (patch)
tree	a16b903c9d3a6ffe7e55534367610133340c92b4 /meta/lib/patchtest/tests/base.py
parent	17c3ea7ff835e73d7975d0ba29a0a162e3c8b51a (diff)
download	poky-f199f5e3a6c3112e348c60695f3509c21af4e911.tar.gz

elfutils: Fix CVE-2025-1371

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-1371 https://ubuntu.com/security/CVE-2025-1371 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b38e562a4c907e08171c76b8b2def8464d5a104a (From OE-Core rev: 36a322934f6f7dc8d0890c531d68c0f7de69be13) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/lib/patchtest/tests/base.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: