]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b6e556) | patch
binutils: Fix CVE-2025-5244 & CVE-2025-5245
authorDeepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Mon, 9 Jun 2025 04:48:49 +0000 (21:48 -0700)
committerSteve Sakoman <steve@sakoman.com>
Mon, 9 Jun 2025 15:44:59 +0000 (08:44 -0700)
commit7eb29f802b272dec19c5bfdce93155d99bac918d
treec44f9e2c53196e09fb9c60b1a4a95dc915381b32tree | snapshot
parent6b6e556a226100205427c85e8064f7640a9da25ecommit | diff
binutils: Fix CVE-2025-5244 & CVE-2025-5245

PR32858 ld segfault on fuzzed object
We missed one place where it is necessary to check for empty groups.

PR32829, SEGV on objdump function debug_type_samep
u.kenum is always non-NULL, see debug_make_enum_type.

Upstream-Status: Backport
[https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
&& [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a]

Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/binutils/binutils-2.38.inc diff | blob | blame | history
meta/recipes-devtools/binutils/binutils/0041-CVE-2025-5244.patch [new file with mode: 0644] blob
meta/recipes-devtools/binutils/binutils/0042-CVE-2025-5245.patch [new file with mode: 0644] blob
Mirror of git://git.openembedded.org/openembedded-core-contrib