elfutils: Fix CVE-2025-1377 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Soumya Sambu <soumya.sambu@windriver.com>	2025-11-14 17:49:41 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-11-24 06:57:39 -0800
commit	36037789d23df9db38fbbe5351d1a25fbe85e61d (patch)
tree	0e6965dc420a9dc3cdfecf537cd6af846e0aafe3 /meta/recipes-devtools/python/python3/crosspythonpath.patch
parent	7dd51aea98fbf282536ae4f78a86ae4b63e5a1dc (diff)
download	poky-36037789d23df9db38fbbe5351d1a25fbe85e61d.tar.gz

elfutils: Fix CVE-2025-1377

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-1377 Upstream patch: https://sourceware.org/git/?p=elfutils.git;a=commit;h=fbf1df9ca286de3323ae541973b08449f8d03aba (From OE-Core rev: e4e8392e688ceb0d8e68fe48118383c031178b5e) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/recipes-devtools/python/python3/crosspythonpath.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: