mirror of
https://git.yoctoproject.org/poky
synced 2026-07-16 15:57:04 +00:00
binutils: fix CVE-2025-8225
CVE: CVE-2025-8225 It is possible with fuzzed files to have num_debug_info_entries zero after allocating space for debug_information, leading to multiple allocations. * dwarf.c (process_debug_info): Don't test num_debug_info_entries to determine whether debug_information has been allocated, test alloc_num_debug_info_entries. Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4] (From OE-Core rev: 7feed679262025b8405488d064e2c546a3ed7a0c) Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
committed by
Steve Sakoman
parent
3574b5a9d1
commit
f2b841423f
@@ -62,5 +62,6 @@ SRC_URI = "\
|
||||
file://0024-CVE-2025-11082.patch \
|
||||
file://0025-CVE-2025-11083.patch \
|
||||
file://0026-CVE-2025-11081.patch \
|
||||
file://0027-CVE-2025-8225.patch \
|
||||
"
|
||||
S = "${WORKDIR}/git"
|
||||
|
||||
Reference in New Issue
Block a user