On Wed, Dec 21, 2022 at 8:11 AM Yash Shinde <[email protected]> wrote: > > From: Yash Shinde <[email protected]> > > Upstream-Status: Backport > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70] > > Signed-off-by: Yash Shinde <[email protected]> > --- > .../binutils/binutils-2.38.inc | 1 + > .../binutils/0019-CVE-2022-4285.patch | 37 +++++++++++++++++++ > 2 files changed, 38 insertions(+) > create mode 100644 > meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch > > diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc > b/meta/recipes-devtools/binutils/binutils-2.38.inc > index c1904768dc..0a4a0d7bc1 100644 > --- a/meta/recipes-devtools/binutils/binutils-2.38.inc > +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc > @@ -42,5 +42,6 @@ SRC_URI = "\ > file://0018-CVE-2022-38128-1.patch \ > file://0018-CVE-2022-38128-2.patch \ > file://0018-CVE-2022-38128-3.patch \ > + file://0019-CVE-2022-4285.patch \ > " > S = "${WORKDIR}/git" > diff --git a/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch > b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch > new file mode 100644 > index 0000000000..e29bdaca00 > --- /dev/null > +++ b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch > @@ -0,0 +1,37 @@ > +From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001 > +From: Nick Clifton <[email protected]> > +Date: Wed, 19 Oct 2022 15:09:12 +0100 > +Subject: [PATCH] Fix an illegal memory access when parsing an ELF file > + containing corrupt symbol version information. > + > + PR 29699 > + * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field > + of the section header is zero. > + > +Upstream-Status: Backport > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70] > +CVE: CVE-2022-4285
Missing Signed-off-by: Please submit a V3 for kirkstone. Thanks! Steve > + > +--- > + bfd/ChangeLog | 6 ++++++ > + bfd/elf.c | 4 +++- > + 2 files changed, 9 insertions(+), 1 deletion(-) > + > +diff --git a/bfd/elf.c b/bfd/elf.c > +index fe00e0f9189..7cd7febcf95 100644 > +--- a/bfd/elf.c > ++++ b/bfd/elf.c > +@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool > default_imported_symver) > + bfd_set_error (bfd_error_file_too_big); > + goto error_return_verref; > + } > +- elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, > amt); > ++ if (amt == 0) > ++ goto error_return_verref; > ++ elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, > amt); > + if (elf_tdata (abfd)->verref == NULL) > + goto error_return_verref; > + > +-- > +2.31.1 > + > + > -- > 2.25.1 > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174962): https://lists.openembedded.org/g/openembedded-core/message/174962 Mute This Topic: https://lists.openembedded.org/mt/95785266/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
