This is already fixed upstream: https://git.openembedded.org/openembedded-core/commit/?id=b6b750f8e41a392ff92d9118ef7530ada20d06fe
On 21/12/2022 23:30:09+0530, Yash Shinde wrote: > From: Yash Shinde <yash.shi...@windriver.com> > > Upstream-Status: Backport > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70] > > Signed-off-by: Yash Shinde <yash.shi...@windriver.com> > --- > .../binutils/binutils-2.39.inc | 1 + > .../binutils/0015-CVE-2022-4285.patch | 36 +++++++++++++++++++ > 2 files changed, 37 insertions(+) > create mode 100644 > meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch > > diff --git a/meta/recipes-devtools/binutils/binutils-2.39.inc > b/meta/recipes-devtools/binutils/binutils-2.39.inc > index b040e57037..419571d56c 100644 > --- a/meta/recipes-devtools/binutils/binutils-2.39.inc > +++ b/meta/recipes-devtools/binutils/binutils-2.39.inc > @@ -35,6 +35,7 @@ SRC_URI = "\ > file://0014-CVE-2022-38128-1.patch \ > file://0014-CVE-2022-38128-2.patch \ > file://0014-CVE-2022-38128-3.patch \ > + file://0015-CVE-2022-4285.patch \ > " > S = "${WORKDIR}/git" > # Already in 2.39 branch > diff --git a/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch > b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch > new file mode 100644 > index 0000000000..5ff5290334 > --- /dev/null > +++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-4285.patch > @@ -0,0 +1,36 @@ > +From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001 > +From: Nick Clifton <ni...@redhat.com> > +Date: Wed, 19 Oct 2022 15:09:12 +0100 > +Subject: [PATCH] Fix an illegal memory access when parsing an ELF file > + containing corrupt symbol version information. > + > + PR 29699 > + * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field > + of the section header is zero. > + > +Upstream-Status: Backport > [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70] > +CVE: CVE-2022-4285 > + > +--- > + bfd/ChangeLog | 6 ++++++ > + bfd/elf.c | 4 +++- > + 2 files changed, 9 insertions(+), 1 deletion(-) > + > +diff --git a/bfd/elf.c b/bfd/elf.c > +index fe00e0f9189..7cd7febcf95 100644 > +--- a/bfd/elf.c > ++++ b/bfd/elf.c > +@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool > default_imported_symver) > + bfd_set_error (bfd_error_file_too_big); > + goto error_return_verref; > + } > +- elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, > amt); > ++ if (amt == 0) > ++ goto error_return_verref; > ++ elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, > amt); > + if (elf_tdata (abfd)->verref == NULL) > + goto error_return_verref; > + > +-- > +2.31.1 > + > -- > 2.25.1 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174939): https://lists.openembedded.org/g/openembedded-core/message/174939 Mute This Topic: https://lists.openembedded.org/mt/95811724/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
