1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-17 04:07:06 +00:00

binutils: fix CVE-2025-1180

Backporting the fix from PR 32636 to fix PR 32642 (ld SEGV (illegal read access)
in _bfd_elf_write_section_eh_frame (bfd/elf-eh-frame.c:2234:29) with
 --gc-sections --gc-keep-exported option)

https://nvd.nist.gov/vuln/detail/CVE-2025-1180 is associated with
PR32642 which will get fixed with commit from PR 32636.

Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=f9978defb6fab0bd8583942d97c112b0932ac814]
CVE: CVE-2025-1180

(From OE-Core rev: 8178f44f18777b2c8acc0afb9fd43921a9a8e76e)

Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Harish Sadineni
2025-05-29 05:12:02 -07:00
committed by Steve Sakoman
parent 14d260ab25
commit 6fceeca067
2 changed files with 165 additions and 0 deletions
@@ -74,5 +74,6 @@ SRC_URI = "\
file://0037-CVE-2024-53589.patch \
file://0038-CVE-2025-0840.patch \
file://0039-CVE-2025-1178.patch \
file://0040-CVE-2025-1180.patch \
"
S = "${WORKDIR}/git"