Add fix for CVE-2025-5244.
Resolves: RHEL-100417
This commit is contained in:
Nick Clifton
parent
bdd2637ad2
commit
d8eb7cfbb1
22
binutils-CVE-2025-5244.patch
Normal file
22
binutils-CVE-2025-5244.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
# commit d1458933830456e54223d9fc61f0d9b3a19256f5
|
||||||
|
# tree 98864afbaa67a592824cc9f0c846bce8efde33c9 tree
|
||||||
|
# parent 6fe4e5bd10b996428a557e036c07c5839a8e0a49 commit | diff
|
||||||
|
# PR32858 ld segfault on fuzzed object
|
||||||
|
#
|
||||||
|
# We missed one place where it is necessary to check for empty groups.
|
||||||
|
#
|
||||||
|
# PR 32858
|
||||||
|
# * elflink.c (elf_gc_sweep): Protect against empty group.
|
||||||
|
|
||||||
|
--- binutils.orig/bfd/elflink.c 2025-06-30 15:59:11.706908490 +0100
|
||||||
|
+++ binutils-2.41/bfd/elflink.c 2025-06-30 16:00:32.282299523 +0100
|
||||||
|
@@ -14115,7 +14115,8 @@ elf_gc_sweep (bfd *abfd, struct bfd_link
|
||||||
|
if (o->flags & SEC_GROUP)
|
||||||
|
{
|
||||||
|
asection *first = elf_next_in_group (o);
|
||||||
|
- o->gc_mark = first->gc_mark;
|
||||||
|
+ if (first != NULL)
|
||||||
|
+ o->gc_mark = first->gc_mark;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (o->gc_mark)
|
||||||
@ -2,7 +2,7 @@
|
|||||||
Summary: A GNU collection of binary utilities
|
Summary: A GNU collection of binary utilities
|
||||||
Name: binutils%{?_with_debug:-debug}
|
Name: binutils%{?_with_debug:-debug}
|
||||||
Version: 2.41
|
Version: 2.41
|
||||||
Release: 56%{?dist}
|
Release: 57%{?dist}
|
||||||
License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND (LGPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND GFDL-1.3-or-later AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.0-or-later
|
License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND (LGPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND GFDL-1.3-or-later AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.0-or-later
|
||||||
URL: https://sourceware.org/binutils
|
URL: https://sourceware.org/binutils
|
||||||
|
|
||||||
@ -383,6 +383,10 @@ Patch60: binutils-s390-z17-cpu-name.patch
|
|||||||
# Lifetime: Fixed in 2.42
|
# Lifetime: Fixed in 2.42
|
||||||
Patch61: binutils-riscv-efi.patch
|
Patch61: binutils-riscv-efi.patch
|
||||||
|
|
||||||
|
# Purpose: Fix a potential NULL pointer dereference when parsing a corrupt ELF file.
|
||||||
|
# Lifetime: Fixed in 2.45
|
||||||
|
Patch62: binutils-CVE-2025-5244.patch
|
||||||
|
|
||||||
#----------------------------------------------------------------------------
|
#----------------------------------------------------------------------------
|
||||||
|
|
||||||
# Purpose: Workaround for an unresolved bug in ppc gcc
|
# Purpose: Workaround for an unresolved bug in ppc gcc
|
||||||
@ -1427,6 +1431,9 @@ exit 0
|
|||||||
|
|
||||||
#----------------------------------------------------------------------------
|
#----------------------------------------------------------------------------
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jun 30 2025 Nick Clifton <nickc@redhat.com> - 2.41-57
|
||||||
|
- Add fix for CVE-2025-5244. (RHEL-100417)
|
||||||
|
|
||||||
* Mon Apr 28 2025 Andrea Bolognani <abologna@redhat.com> - 2.41-56
|
* Mon Apr 28 2025 Andrea Bolognani <abologna@redhat.com> - 2.41-56
|
||||||
- Add basic support for RISC-V 64-bit EFI objects. (RHEL-88815)
|
- Add basic support for RISC-V 64-bit EFI objects. (RHEL-88815)
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user