Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit062b040

Browse files
[AutoPR- Security] Patch gdb forCVE-2025-11082 [MEDIUM] (#14780)
1 parent7af2782 commit062b040

File tree

2 files changed

+52
-1
lines changed

2 files changed

+52
-1
lines changed

‎SPECS/gdb/CVE-2025-11082.patch‎

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
From efcfd4821532ae4909d702c5f7212060e80e786d Mon Sep 17 00:00:00 2001
2+
From: "H.J. Lu" <hjl.tools@gmail.com>
3+
Date: Mon, 22 Sep 2025 15:20:34 +0800
4+
Subject: [PATCH] elf: Don't read beyond .eh_frame section size
5+
6+
PR ld/33464
7+
* elf-eh-frame.c (_bfd_elf_parse_eh_frame): Don't read beyond
8+
.eh_frame section size.
9+
10+
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
11+
Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
12+
Upstream-reference: https://github.com/bminor/binutils-gdb/commit/ea1a0737c7692737a644af0486b71e4a392cbca8.patch
13+
---
14+
bfd/elf-eh-frame.c | 8 ++++++--
15+
1 file changed, 6 insertions(+), 2 deletions(-)
16+
17+
diff --git a/bfd/elf-eh-frame.c b/bfd/elf-eh-frame.c
18+
index 2e22d0c..d821bb2 100644
19+
--- a/bfd/elf-eh-frame.c
20+
+++ b/bfd/elf-eh-frame.c
21+
@@ -733,6 +733,7 @@ _bfd_elf_parse_eh_frame (bfd *abfd, struct bfd_link_info *info,
22+
if (hdr_id == 0)
23+
{
24+
unsigned int initial_insn_length;
25+
+ char *null_byte;
26+
27+
/* CIE */
28+
this_inf->cie = 1;
29+
@@ -749,10 +750,13 @@ _bfd_elf_parse_eh_frame (bfd *abfd, struct bfd_link_info *info,
30+
REQUIRE (cie->version == 1
31+
|| cie->version == 3
32+
|| cie->version == 4);
33+
- REQUIRE (strlen ((char *) buf) < sizeof (cie->augmentation));
34+
+ null_byte = memchr ((char *) buf, 0, end - buf);
35+
+ REQUIRE (null_byte != NULL);
36+
+ REQUIRE ((size_t) (null_byte - (char *) buf)
37+
+ < sizeof (cie->augmentation));
38+
39+
strcpy (cie->augmentation, (char *) buf);
40+
- buf = (bfd_byte *) strchr ((char *) buf, '\0') + 1;
41+
+ buf = (bfd_byte *) null_byte + 1;
42+
this_inf->u.cie.aug_str_len = buf - start - 1;
43+
ENSURE_NO_RELOCS (buf);
44+
if (buf[0] == 'e' && buf[1] == 'h')
45+
--
46+
2.45.4
47+

‎SPECS/gdb/gdb.spec‎

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
Summary: C debugger
22
Name: gdb
33
Version: 13.2
4-
Release:5%{?dist}
4+
Release:6%{?dist}
55
License: GPLv2+
66
Vendor: Microsoft Corporation
77
Distribution: Azure Linux
@@ -12,6 +12,7 @@ Patch0: CVE-2023-39128.patch
1212
Patch1: CVE-2023-39129.patch
1313
Patch2: CVE-2023-39130.patch
1414
Patch3: CVE-2025-7546.patch
15+
Patch4: CVE-2025-11082.patch
1516
BuildRequires: expat-devel
1617
BuildRequires: gcc-c++
1718
BuildRequires: gcc-gfortran
@@ -105,6 +106,9 @@ make check TESTS='gdb.base/default.exp'
105106
%{_mandir}/*/*
106107

107108
%changelog
109+
*Fri Oct 03 2025Azure Linux Security Servicing Account<azurelinux-security@microsoft.com> -13.2-6
110+
-Patch for CVE-2025-11082
111+
108112
*Fri Jul 18 2025Akhila Guruju<v-guakhila@microsoft.com> -13.2-5
109113
-Patch CVE-2025-7546
110114

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp