diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-11-08 12:38:06 +0530 |
---|---|---|
committer | Armin Kuster <akuster@mvista.com> | 2017-11-23 17:40:49 -0800 |
commit | 5bb1d9c4ae9e959a4405f372a7ef7307fc1f1deb (patch) | |
tree | 49313ba15e483c38b4c5b18772b9bf4c98282333 /meta/recipes-devtools/binutils | |
parent | 528745a45f29119cc81070382d50e11575672979 (diff) | |
download | openembedded-core-contrib-5bb1d9c4ae9e959a4405f372a7ef7307fc1f1deb.tar.gz |
binutils: CVE-2017-14729
Source: binutils-gdb.git
MR: 76278
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 05de8bcd22d8d0b54badcd3826cd370b3aed81de
Description:
x86: Guard against corrupted PLT
There should be only one entry in PLT for a given symbol. Set howto to
NULL after processing a PLT entry to guard against corrupted PLT so that
the duplicated PLT entries are skipped.
PR binutils/22170
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-devtools/binutils')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch | 45 |
2 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index b38a9583cf..b1669a4ef0 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc @@ -100,6 +100,7 @@ SRC_URI = "\ file://CVE-2017-9955_7.patch \ file://CVE-2017-9955_8.patch \ file://CVE-2017-9955_9.patch \ + file://CVE-2017-14729.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch new file mode 100644 index 0000000000..09d5143829 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch @@ -0,0 +1,45 @@ +commit 61e3bf5f83f7e505b6bc51ef65426e5b31e6e360 +Author: H.J. Lu <hjl.tools@gmail.com> +Date: Fri Sep 22 14:15:40 2017 -0700 + +x86: Guard against corrupted PLT + +There should be only one entry in PLT for a given symbol. Set howto to +NULL after processing a PLT entry to guard against corrupted PLT so that +the duplicated PLT entries are skipped. + +PR binutils/22170 + +Upstream-Status: Backport + +CVE: CVE-2017-14729 +Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> +Index: git/bfd/elf-ifunc.c +=================================================================== +--- git.orig/bfd/elf-ifunc.c 2017-11-08 12:34:22.063320490 +0530 ++++ git/bfd/elf-ifunc.c 2017-11-08 12:34:29.995404891 +0530 +@@ -473,6 +473,10 @@ + memcpy (names, "@plt", sizeof ("@plt")); + names += sizeof ("@plt"); + ++s, ++n; ++ /* There should be only one entry in PLT for a given ++ symbol. Set howto to NULL after processing a PLT ++ entry to guard against corrupted PLT. */ ++ p->howto = NULL; + } + + free (plt_sym_val); +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog 2017-11-08 12:34:29.939404297 +0530 ++++ git/bfd/ChangeLog 2017-11-08 12:35:55.660271599 +0530 +@@ -1,3 +1,9 @@ ++2017-09-22 H.J. Lu <hongjiu.lu@intel.com> ++ ++ PR binutils/22170 ++ * elf-ifunc.c (elf_get_synthetic_symtab): Guard against ++ corrupted PLT. ++ + 2017-07-27 Nick Clifton <nickc@redhat.com> + + PR 21840 |