[oe-commits] [openembedded-core] 41/51: binutils: CVE-2017-14729
git at git.openembedded.org
git at git.openembedded.org
Sun Jan 7 17:11:50 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch morty
in repository openembedded-core.
commit 51fc4c8d86bc7c567794305bcc08e5054e9e204a
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
AuthorDate: Wed Nov 8 12:38:06 2017 +0530
binutils: CVE-2017-14729
Source: binutils-gdb.git
MR: 76278
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 05de8bcd22d8d0b54badcd3826cd370b3aed81de
Description:
x86: Guard against corrupted PLT
There should be only one entry in PLT for a given symbol. Set howto to
NULL after processing a PLT entry to guard against corrupted PLT so that
the duplicated PLT entries are skipped.
PR binutils/22170
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-devtools/binutils/binutils-2.27.inc | 1 +
.../binutils/binutils/CVE-2017-14729.patch | 45 ++++++++++++++++++++++
2 files changed, 46 insertions(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index b38a958..b1669a4 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -100,6 +100,7 @@ SRC_URI = "\
file://CVE-2017-9955_7.patch \
file://CVE-2017-9955_8.patch \
file://CVE-2017-9955_9.patch \
+ file://CVE-2017-14729.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch
new file mode 100644
index 0000000..09d5143
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch
@@ -0,0 +1,45 @@
+commit 61e3bf5f83f7e505b6bc51ef65426e5b31e6e360
+Author: H.J. Lu <hjl.tools at gmail.com>
+Date: Fri Sep 22 14:15:40 2017 -0700
+
+x86: Guard against corrupted PLT
+
+There should be only one entry in PLT for a given symbol. Set howto to
+NULL after processing a PLT entry to guard against corrupted PLT so that
+the duplicated PLT entries are skipped.
+
+PR binutils/22170
+
+Upstream-Status: Backport
+
+CVE: CVE-2017-14729
+Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
+Index: git/bfd/elf-ifunc.c
+===================================================================
+--- git.orig/bfd/elf-ifunc.c 2017-11-08 12:34:22.063320490 +0530
++++ git/bfd/elf-ifunc.c 2017-11-08 12:34:29.995404891 +0530
+@@ -473,6 +473,10 @@
+ memcpy (names, "@plt", sizeof ("@plt"));
+ names += sizeof ("@plt");
+ ++s, ++n;
++ /* There should be only one entry in PLT for a given
++ symbol. Set howto to NULL after processing a PLT
++ entry to guard against corrupted PLT. */
++ p->howto = NULL;
+ }
+
+ free (plt_sym_val);
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog 2017-11-08 12:34:29.939404297 +0530
++++ git/bfd/ChangeLog 2017-11-08 12:35:55.660271599 +0530
+@@ -1,3 +1,9 @@
++2017-09-22 H.J. Lu <hongjiu.lu at intel.com>
++
++ PR binutils/22170
++ * elf-ifunc.c (elf_get_synthetic_symtab): Guard against
++ corrupted PLT.
++
+ 2017-07-27 Nick Clifton <nickc at redhat.com>
+
+ PR 21840
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list