Add fix for CVE-2025-5244.
Resolves: RHEL-100417
This commit is contained in:
parent
bdd2637ad2
commit
d8eb7cfbb1
22
binutils-CVE-2025-5244.patch
Normal file
22
binutils-CVE-2025-5244.patch
Normal file
@ -0,0 +1,22 @@
|
||||
# commit d1458933830456e54223d9fc61f0d9b3a19256f5
|
||||
# tree 98864afbaa67a592824cc9f0c846bce8efde33c9 tree
|
||||
# parent 6fe4e5bd10b996428a557e036c07c5839a8e0a49 commit | diff
|
||||
# PR32858 ld segfault on fuzzed object
|
||||
#
|
||||
# We missed one place where it is necessary to check for empty groups.
|
||||
#
|
||||
# PR 32858
|
||||
# * elflink.c (elf_gc_sweep): Protect against empty group.
|
||||
|
||||
--- binutils.orig/bfd/elflink.c 2025-06-30 15:59:11.706908490 +0100
|
||||
+++ binutils-2.41/bfd/elflink.c 2025-06-30 16:00:32.282299523 +0100
|
||||
@@ -14115,7 +14115,8 @@ elf_gc_sweep (bfd *abfd, struct bfd_link
|
||||
if (o->flags & SEC_GROUP)
|
||||
{
|
||||
asection *first = elf_next_in_group (o);
|
||||
- o->gc_mark = first->gc_mark;
|
||||
+ if (first != NULL)
|
||||
+ o->gc_mark = first->gc_mark;
|
||||
}
|
||||
|
||||
if (o->gc_mark)
|
@ -2,7 +2,7 @@
|
||||
Summary: A GNU collection of binary utilities
|
||||
Name: binutils%{?_with_debug:-debug}
|
||||
Version: 2.41
|
||||
Release: 56%{?dist}
|
||||
Release: 57%{?dist}
|
||||
License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND (LGPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND GFDL-1.3-or-later AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.0-or-later
|
||||
URL: https://sourceware.org/binutils
|
||||
|
||||
@ -383,6 +383,10 @@ Patch60: binutils-s390-z17-cpu-name.patch
|
||||
# Lifetime: Fixed in 2.42
|
||||
Patch61: binutils-riscv-efi.patch
|
||||
|
||||
# Purpose: Fix a potential NULL pointer dereference when parsing a corrupt ELF file.
|
||||
# Lifetime: Fixed in 2.45
|
||||
Patch62: binutils-CVE-2025-5244.patch
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
|
||||
# Purpose: Workaround for an unresolved bug in ppc gcc
|
||||
@ -1427,6 +1431,9 @@ exit 0
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
%changelog
|
||||
* Mon Jun 30 2025 Nick Clifton <nickc@redhat.com> - 2.41-57
|
||||
- Add fix for CVE-2025-5244. (RHEL-100417)
|
||||
|
||||
* Mon Apr 28 2025 Andrea Bolognani <abologna@redhat.com> - 2.41-56
|
||||
- Add basic support for RISC-V 64-bit EFI objects. (RHEL-88815)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user