diff options
| author | Harish Sadineni <Harish.Sadineni@windriver.com> | 2025-06-05 02:03:14 -0700 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-06-13 08:42:35 -0700 |
| commit | 775ca31829595a1931cc3a392e9827f20335f618 (patch) | |
| tree | 99b8f0e7689235fe87fc8edb37278e7cfb17a7af /meta | |
| parent | 0f3339f7ff54527938c644beba33473c245bafac (diff) | |
| download | poky-775ca31829595a1931cc3a392e9827f20335f618.tar.gz | |
binutils: add CVE-2025-1182 patch file to SRC_URI
Forgot to add CVE-2025-1182 patch file to SRC_URI in the following commit
https://lists.openembedded.org/g/openembedded-core/message/217350
After rebasing the CVE-2025-1180.patch, we encountered hunk errors while applying the
CVE-2025-1182.patch, so I have modified the patch accordingly.
(From OE-Core rev: 131f93b8efcddac984965a250b5391c43ca54ac8)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta')
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.38.inc | 1 | ||||
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch | 18 |
2 files changed, 10 insertions, 9 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 01fd03d2f4..085ca2301e 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc | |||
| @@ -75,5 +75,6 @@ SRC_URI = "\ | |||
| 75 | file://0038-CVE-2025-0840.patch \ | 75 | file://0038-CVE-2025-0840.patch \ |
| 76 | file://0039-CVE-2025-1178.patch \ | 76 | file://0039-CVE-2025-1178.patch \ |
| 77 | file://0040-CVE-2025-1180.patch \ | 77 | file://0040-CVE-2025-1180.patch \ |
| 78 | file://0040-CVE-2025-1182.patch \ | ||
| 78 | " | 79 | " |
| 79 | S = "${WORKDIR}/git" | 80 | S = "${WORKDIR}/git" |
diff --git a/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch b/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch index 682f633927..03604bfdd4 100644 --- a/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch +++ b/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch | |||
| @@ -18,14 +18,14 @@ Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com> | |||
| 18 | diff --git a/bfd/elflink.c b/bfd/elflink.c | 18 | diff --git a/bfd/elflink.c b/bfd/elflink.c |
| 19 | --- a/bfd/elflink.c | 19 | --- a/bfd/elflink.c |
| 20 | +++ b/bfd/elflink.c | 20 | +++ b/bfd/elflink.c |
| 21 | @@ -14711,6 +14711,10 @@ | 21 | @@ -14712,6 +14712,10 @@ |
| 22 | } | 22 | } |
| 23 | else | 23 | else |
| 24 | { | 24 | { |
| 25 | + if (r_symndx >= rcookie->locsymcount) | 25 | + if (r_symndx >= rcookie->locsymcount) |
| 26 | + /* This can happen with corrupt input. */ | 26 | + /* This can happen with corrupt input. */ |
| 27 | + return false; | 27 | + return false; |
| 28 | + | 28 | + |
| 29 | /* It's not a relocation against a global symbol, | 29 | /* It's not a relocation against a global symbol, |
| 30 | but it could be a relocation against a local | 30 | but it could be a relocation against a local |
| 31 | symbol for a discarded section. */ | 31 | symbol for a discarded section. */ |