mirror of
https://git.yoctoproject.org/poky
synced 2026-07-17 04:07:06 +00:00
binutils: fix CVE-2025-8225
CVE: CVE-2025-8225 It is possible with fuzzed files to have num_debug_info_entries zero after allocating space for debug_information, leading to multiple allocations. * dwarf.c (process_debug_info): Don't test num_debug_info_entries to determine whether debug_information has been allocated, test alloc_num_debug_info_entries. Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4] (From OE-Core rev: 9b5bb098b542a43a7aa97cc376c358f0a38778e3) Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
committed by
Steve Sakoman
parent
0118bd1e10
commit
d0f445a1e2
@@ -83,5 +83,6 @@ SRC_URI = "\
|
||||
file://0044-CVE-2025-11082.patch \
|
||||
file://0045-CVE-2025-11083.patch \
|
||||
file://0046-CVE-2025-11081.patch \
|
||||
file://0047-CVE-2025-8225.patch \
|
||||
"
|
||||
S = "${WORKDIR}/git"
|
||||
|
||||
Reference in New Issue
Block a user