From bbfdd5c44a5629b9158b418b5335ec4f1567b3f9 Mon Sep 17 00:00:00 2001
From: Harish Sadineni
Date: Wed, 28 May 2025 07:15:47 -0700
Subject: [PATCH] binutils: Fix CVE-2025-1182
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=b425859021d17adf62f06fb904797cf8642986ad]
CVE: CVE-2025-1182
Signed-off-by: Harish Sadineni
Signed-off-by: Steve Sakoman
---
 .../binutils/0040-CVE-2025-1182.patch | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
diff --git a/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch b/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
new file mode 100644
index 0000000000..682f633927
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0040-CVE-2025-1182.patch
@@ -0,0 +1,31 @@
+From b425859021d17adf62f06fb904797cf8642986ad Mon Sep 17 00:00:00 2001
+From: Nick Clifton
+Date: Wed, 5 Feb 2025 16:27:38 +0000
+Subject: [PATCH] Fix another illegal memory access triggered by corrupt ELF
+ input files.
+
+PR 32644
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=b425859021d17adf62f06fb904797cf8642986ad]
+
+CVE: CVE-2025-1182
+
+Signed-off-by: Harish Sadineni
+---
+ bfd/elflink.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/bfd/elflink.c b/bfd/elflink.c
+--- a/bfd/elflink.c
++++ b/bfd/elflink.c
+@@ -14711,6 +14711,10 @@
+ }
+ else
+ {
++ if (r_symndx >= rcookie->locsymcount)
++ /* This can happen with corrupt input. */
++ return false;
++
+ /* It's not a relocation against a global symbol,
+ but it could be a relocation against a local
+ symbol for a discarded section. */
-- 
2.47.2
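Review bot: The diffstat lists a single changed file, the new `0040-CVE-2025-1182.patch`, and no edit to the binutils recipe that lists patches in `SRC_URI`. Unless that entry is added in a separate commit, the bounds check is never applied to `bfd/elflink.c` at build time, and CVE tooling that reads the `CVE:` tag from applied patches would presumably still report CVE-2025-1182 as open. The recipe should gain a line such as `file://0040-CVE-2025-1182.patch \` next to the other numbered binutils patches (that file is not visible on this page). Inside the embedded patch, the new guard `if (r_symndx >= rcookie->locsymcount) return false;` covers only the local-symbol `else` branch. The enclosing function and its global-symbol branch start outside the hunk, so whether that path range-checks its index cannot be confirmed from here.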