mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-31 12:49:46 +00:00
Code Issues Projects Releases Wiki Activity

binutls: Security fix CVE-2018-6872

Browse Source 
Affects <= 2.30

(From OE-Core rev: 9626b58123eb50cb830443b3f514988f5417cc6c)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Armin Kuster
2018-08-05 21:55:12 -07:00
committed by Richard Purdie
parent b44ea09983
commit b283276544
2 changed files with 51 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-devtools/binutils/binutils-2.30.inc
+1
View File
@@ -37,6 +37,7 @@ SRC_URI = "\
file://0015-sync-with-OE-libtool-changes.patch \
file://CVE-2018-8945.patch \
file://CVE-2018-7643.patch \
file://CVE-2018-6872.patch \
"
S = "${WORKDIR}/git"
meta/recipes-devtools/binutils/binutils/CVE-2018-6872.patch
+50
View File
@@ -0,0 +1,50 @@
From d895ef77ffc94e02e748856c2ab54f5bb8cc867e Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Fri, 9 Feb 2018 09:28:45 +0000
Subject: [PATCH] Import patch from mainline to fix possible seg-fault whilst
parsing corrupt ELF notes with extravagent alignments.
PR 22788
* elf.c (elf_parse_notes): Reject notes with excessuively large
alignments.
Upstream-Status: Backport
Affects: Binutils <= 2.30
CVE: CVE-2018-6872
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
bfd/ChangeLog | 9 +++++++++
bfd/elf.c | 2 ++
2 files changed, 11 insertions(+)
Index: git/bfd/elf.c
===================================================================
--- git.orig/bfd/elf.c
+++ git/bfd/elf.c
@@ -11020,6 +11020,8 @@ elf_parse_notes (bfd *abfd, char *buf, s
align is less than 4, we use 4 byte alignment. */
if (align < 4)
align = 4;
+ if (align != 4 && align != 8)
+ return FALSE;
p = buf;
while (p < buf + size)
Index: git/bfd/ChangeLog
===================================================================
--- git.orig/bfd/ChangeLog
+++ git/bfd/ChangeLog
@@ -1,3 +1,12 @@
+2018-02-09 Nick Clifton <nickc@redhat.com>
+
+ Import patch from mainline:
+ 2018-02-08 Nick Clifton <nickc@redhat.com>
+
+ PR 22788
+ * elf.c (elf_parse_notes): Reject notes with excessuively large
+ alignments.
+
2018-03-01 Nick Clifton <nickc@redhat.com>
PR 22905