* [kirkstone] [PATCH v3] binutils : Fix CVE-2022-4285
@ 2022-12-27 16:42 Yash Shinde
2022-12-27 18:11 ` [OE-core] " Randy MacLeod
0 siblings, 1 reply; 3+ messages in thread
From: Yash Shinde @ 2022-12-27 16:42 UTC (permalink / raw)
To: openembedded-core; +Cc: Yash.Shinde
From: Yash Shinde <Yash.Shinde@windriver.com>
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0019-CVE-2022-4285.patch | 37 +++++++++++++++++++
2 files changed, 38 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index c1904768dc..0a4a0d7bc1 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -42,5 +42,6 @@ SRC_URI = "\
file://0018-CVE-2022-38128-1.patch \
file://0018-CVE-2022-38128-2.patch \
file://0018-CVE-2022-38128-3.patch \
+ file://0019-CVE-2022-4285.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
new file mode 100644
index 0000000000..e5e404982e
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
@@ -0,0 +1,37 @@
+From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Wed, 19 Oct 2022 15:09:12 +0100
+Subject: [PATCH] Fix an illegal memory access when parsing an ELF file
+ containing corrupt symbol version information.
+
+ PR 29699
+ * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field
+ of the section header is zero.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
+CVE: CVE-2022-4285
+
+Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
+---
+ bfd/ChangeLog | 6 ++++++
+ bfd/elf.c | 4 +++-
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/bfd/elf.c b/bfd/elf.c
+index fe00e0f9189..7cd7febcf95 100644
+--- a/bfd/elf.c
++++ b/bfd/elf.c
+@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ bfd_set_error (bfd_error_file_too_big);
+ goto error_return_verref;
+ }
+- elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt);
++ if (amt == 0)
++ goto error_return_verref;
++ elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt);
+ if (elf_tdata (abfd)->verref == NULL)
+ goto error_return_verref;
+
+--
+2.31.1
+
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [OE-core] [kirkstone] [PATCH v3] binutils : Fix CVE-2022-4285
2022-12-27 16:42 [kirkstone] [PATCH v3] binutils : Fix CVE-2022-4285 Yash Shinde
@ 2022-12-27 18:11 ` Randy MacLeod
2022-12-28 14:22 ` Steve Sakoman
0 siblings, 1 reply; 3+ messages in thread
From: Randy MacLeod @ 2022-12-27 18:11 UTC (permalink / raw)
To: yashinde145, openembedded-core, steve; +Cc: Yash.Shinde
On 2022-12-27 11:42, Yash Shinde via lists.openembedded.org wrote:
> From: Yash Shinde <Yash.Shinde@windriver.com>
Yash,
I know you have a problem with sending email from your WR account so
I suspect that you're trying to ensure that the patch is authored by
your WR email.
Don't bother, we'll get your email fixed early in 2023.
Steve,
I'd drop this version of the CVE fix an take the one sent 10 minutes
earlier.
Yash,
As I explained offline, you need to tell people why you are sending a
duplicate fix.
In this case if you wanted the new version to be merged (we don't!),
then you should
have replied on the old version to explain that it should not be merged
and explain
why.
../Randy
>
> Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
>
> Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
> ---
> .../binutils/binutils-2.38.inc | 1 +
> .../binutils/0019-CVE-2022-4285.patch | 37 +++++++++++++++++++
> 2 files changed, 38 insertions(+)
> create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
>
> diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
> index c1904768dc..0a4a0d7bc1 100644
> --- a/meta/recipes-devtools/binutils/binutils-2.38.inc
> +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
> @@ -42,5 +42,6 @@ SRC_URI = "\
> file://0018-CVE-2022-38128-1.patch \
> file://0018-CVE-2022-38128-2.patch \
> file://0018-CVE-2022-38128-3.patch \
> + file://0019-CVE-2022-4285.patch \
> "
> S = "${WORKDIR}/git"
> diff --git a/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
> new file mode 100644
> index 0000000000..e5e404982e
> --- /dev/null
> +++ b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
> @@ -0,0 +1,37 @@
> +From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001
> +From: Nick Clifton <nickc@redhat.com>
> +Date: Wed, 19 Oct 2022 15:09:12 +0100
> +Subject: [PATCH] Fix an illegal memory access when parsing an ELF file
> + containing corrupt symbol version information.
> +
> + PR 29699
> + * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field
> + of the section header is zero.
> +
> +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
> +CVE: CVE-2022-4285
> +
> +Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
> +---
> + bfd/ChangeLog | 6 ++++++
> + bfd/elf.c | 4 +++-
> + 2 files changed, 9 insertions(+), 1 deletion(-)
> +
> +diff --git a/bfd/elf.c b/bfd/elf.c
> +index fe00e0f9189..7cd7febcf95 100644
> +--- a/bfd/elf.c
> ++++ b/bfd/elf.c
> +@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
> + bfd_set_error (bfd_error_file_too_big);
> + goto error_return_verref;
> + }
> +- elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt);
> ++ if (amt == 0)
> ++ goto error_return_verref;
> ++ elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt);
> + if (elf_tdata (abfd)->verref == NULL)
> + goto error_return_verref;
> +
> +--
> +2.31.1
> +
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#175030): https://lists.openembedded.org/g/openembedded-core/message/175030
> Mute This Topic: https://lists.openembedded.org/mt/95905716/3616765
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
# Randy MacLeod
# Wind River Linux
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [OE-core] [kirkstone] [PATCH v3] binutils : Fix CVE-2022-4285
2022-12-27 18:11 ` [OE-core] " Randy MacLeod
@ 2022-12-28 14:22 ` Steve Sakoman
0 siblings, 0 replies; 3+ messages in thread
From: Steve Sakoman @ 2022-12-28 14:22 UTC (permalink / raw)
To: Randy MacLeod; +Cc: yashinde145, openembedded-core, Yash.Shinde
On Tue, Dec 27, 2022 at 8:11 AM Randy MacLeod
<randy.macleod@windriver.com> wrote:
>
> On 2022-12-27 11:42, Yash Shinde via lists.openembedded.org wrote:
> > From: Yash Shinde <Yash.Shinde@windriver.com>
>
> Yash,
>
> I know you have a problem with sending email from your WR account so
> I suspect that you're trying to ensure that the patch is authored by
> your WR email.
>
> Don't bother, we'll get your email fixed early in 2023.
>
> Steve,
>
> I'd drop this version of the CVE fix an take the one sent 10 minutes
> earlier.
Done, and I manually changed Yash's email address to the windriver.com one.
Steve
> Yash,
> As I explained offline, you need to tell people why you are sending a
> duplicate fix.
> In this case if you wanted the new version to be merged (we don't!),
> then you should
> have replied on the old version to explain that it should not be merged
> and explain
> why.
>
> ../Randy
>
>
> >
> > Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
> >
> > Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
> > ---
> > .../binutils/binutils-2.38.inc | 1 +
> > .../binutils/0019-CVE-2022-4285.patch | 37 +++++++++++++++++++
> > 2 files changed, 38 insertions(+)
> > create mode 100644 meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
> >
> > diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
> > index c1904768dc..0a4a0d7bc1 100644
> > --- a/meta/recipes-devtools/binutils/binutils-2.38.inc
> > +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
> > @@ -42,5 +42,6 @@ SRC_URI = "\
> > file://0018-CVE-2022-38128-1.patch \
> > file://0018-CVE-2022-38128-2.patch \
> > file://0018-CVE-2022-38128-3.patch \
> > + file://0019-CVE-2022-4285.patch \
> > "
> > S = "${WORKDIR}/git"
> > diff --git a/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
> > new file mode 100644
> > index 0000000000..e5e404982e
> > --- /dev/null
> > +++ b/meta/recipes-devtools/binutils/binutils/0019-CVE-2022-4285.patch
> > @@ -0,0 +1,37 @@
> > +From 5c831a3c7f3ca98d6aba1200353311e1a1f84c70 Mon Sep 17 00:00:00 2001
> > +From: Nick Clifton <nickc@redhat.com>
> > +Date: Wed, 19 Oct 2022 15:09:12 +0100
> > +Subject: [PATCH] Fix an illegal memory access when parsing an ELF file
> > + containing corrupt symbol version information.
> > +
> > + PR 29699
> > + * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field
> > + of the section header is zero.
> > +
> > +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70]
> > +CVE: CVE-2022-4285
> > +
> > +Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
> > +---
> > + bfd/ChangeLog | 6 ++++++
> > + bfd/elf.c | 4 +++-
> > + 2 files changed, 9 insertions(+), 1 deletion(-)
> > +
> > +diff --git a/bfd/elf.c b/bfd/elf.c
> > +index fe00e0f9189..7cd7febcf95 100644
> > +--- a/bfd/elf.c
> > ++++ b/bfd/elf.c
> > +@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
> > + bfd_set_error (bfd_error_file_too_big);
> > + goto error_return_verref;
> > + }
> > +- elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt);
> > ++ if (amt == 0)
> > ++ goto error_return_verref;
> > ++ elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt);
> > + if (elf_tdata (abfd)->verref == NULL)
> > + goto error_return_verref;
> > +
> > +--
> > +2.31.1
> > +
> >
> >
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#175030): https://lists.openembedded.org/g/openembedded-core/message/175030
> > Mute This Topic: https://lists.openembedded.org/mt/95905716/3616765
> > Group Owner: openembedded-core+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
>
> --
> # Randy MacLeod
> # Wind River Linux
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-12-28 14:22 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-27 16:42 [kirkstone] [PATCH v3] binutils : Fix CVE-2022-4285 Yash Shinde
2022-12-27 18:11 ` [OE-core] " Randy MacLeod
2022-12-28 14:22 ` Steve Sakoman
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.