mirror of
https://git.yoctoproject.org/poky
synced 2026-07-17 04:07:06 +00:00
binutils: CVE-2017-8396
Source: git://sourceware.org/git/binutils-gdb.git MR: 74101 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: db47540066f83529439566f8621d6e35fe86b77c Description: buffer overflow in perform_relocation The existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. PR 21432 * reloc.c (reloc_offset_in_range): New function. (bfd_perform_relocation, bfd_install_relocation): Use it. (_bfd_final_link_relocate): Likewise. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: e5aa4adaddbae184bbbb1c42f79c1deba931c72a) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
committed by
Richard Purdie
parent
2dcc1db01d
commit
52bc287aca
@@ -71,6 +71,7 @@ SRC_URI = "\
|
||||
file://CVE-2017-8395.patch \
|
||||
file://CVE-2017-8397.patch \
|
||||
file://CVE-2017-7300.patch \
|
||||
file://CVE-2017-8396.patch \
|
||||
"
|
||||
S = "${WORKDIR}/git"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user