Stop a potential infinite loop in the binutils DWARF parser.
Resolves: #2122675
This commit is contained in:
parent
92265683bf
commit
dd133b6b81
15
binutils-CVE-38128-dwarf-abbrev-parsing.patch
Normal file
15
binutils-CVE-38128-dwarf-abbrev-parsing.patch
Normal file
@ -0,0 +1,15 @@
|
||||
--- binutils.orig/binutils/dwarf.c 2022-08-31 11:58:08.918685348 +0100
|
||||
+++ binutils-2.39/binutils/dwarf.c 2022-08-31 15:24:13.881865797 +0100
|
||||
@@ -6365,7 +6365,11 @@ display_debug_abbrev (struct dwarf_secti
|
||||
list->start_of_next_abbrevs = start;
|
||||
}
|
||||
else
|
||||
- start = list->start_of_next_abbrevs;
|
||||
+ {
|
||||
+ if (start == list->start_of_next_abbrevs)
|
||||
+ break;
|
||||
+ start = list->start_of_next_abbrevs;
|
||||
+ }
|
||||
|
||||
if (list->first_abbrev == NULL)
|
||||
continue;
|
@ -39,7 +39,7 @@
|
||||
Summary: A GNU collection of binary utilities
|
||||
Name: binutils%{?name_cross}%{?_with_debug:-debug}
|
||||
Version: 2.39
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: GPLv3+
|
||||
URL: https://sourceware.org/binutils
|
||||
|
||||
@ -299,6 +299,10 @@ Patch19: binutils-package-metadata.patch
|
||||
# Lifetime: Fixed in 2.40
|
||||
Patch20: binutils-gas-dwarf-skip-empty-functions.patch
|
||||
|
||||
# Purpose: Stop an infinite loop in the binutils DWARF decoder. (CVE 2022-38128)
|
||||
# Lifetime: Fixed in 2.40
|
||||
Patch21: binutils-CVE-38128-dwarf-abbrev-parsing.patch
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
|
||||
Provides: bundled(libiberty)
|
||||
@ -955,6 +959,9 @@ exit 0
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
%changelog
|
||||
* Wed Aug 31 2022 Nick Clifton <nickc@redhat.com> - 2.39-3
|
||||
- Stop a potential infinite loop in the binutils DWARF parser. (#2122675)
|
||||
|
||||
* Tue Aug 16 2022 Nick Clifton <nickc@redhat.com> - 2.39-2
|
||||
- Move gprofng related files into the gprofng sub-package.
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user