]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b25b0f7) | patch
binutils: fix CVE-2025-1180
authorHarish Sadineni <Harish.Sadineni@windriver.com>
Thu, 29 May 2025 12:12:02 +0000 (05:12 -0700)
committerSteve Sakoman <steve@sakoman.com>
Thu, 29 May 2025 15:22:59 +0000 (08:22 -0700)
commit8178f44f18777b2c8acc0afb9fd43921a9a8e76e
tree84e6f75224cead2fe75448bd280fb0f08d03f0e4tree | snapshot
parentb25b0f785e0b7650e31a45a92be196be6b76ea78commit | diff
binutils: fix CVE-2025-1180

Backporting the fix from PR 32636 to fix PR 32642 (ld SEGV (illegal read access)
in _bfd_elf_write_section_eh_frame (bfd/elf-eh-frame.c:2234:29) with
 --gc-sections --gc-keep-exported option)

https://nvd.nist.gov/vuln/detail/CVE-2025-1180 is associated with
PR32642 which will get fixed with commit from PR 32636.

Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=f9978defb6fab0bd8583942d97c112b0932ac814]
CVE: CVE-2025-1180

Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/binutils/binutils-2.38.inc diff | blob | blame | history
meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1180.patch [new file with mode: 0644] blob
Mirror of git://git.openembedded.org/openembedded-core-contrib