code.ossystems Code Review - openembedded-core.git/commit
binutils: CVE-2017-8396
author Thiruvadi Rajaraman <trajaraman@mvista.com>
Wed, 13 Sep 2017 11:39:39 +0000 (17:09 +0530)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Sun, 7 Jan 2018 17:09:46 +0000 (17:09 +0000)
commit e5aa4adaddbae184bbbb1c42f79c1deba931c72a
tree 911300263bacba6101d563a741d469b7fd638971
parent c1b259c5fef13e1ecff9a68d82cde49c777ffa4d
binutils: CVE-2017-8396

Source: git://sourceware.org/git/binutils-gdb.git
MR: 74101
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: db47540066f83529439566f8621d6e35fe86b77c
Description:

buffer overflow in perform_relocation

The existing reloc offset range tests didn't catch small negative
offsets less than the size of the reloc field.

PR 21432
 * reloc.c (reloc_offset_in_range): New function.
   (bfd_perform_relocation, bfd_install_relocation): Use it.
   (_bfd_final_link_relocate): Likewise.

Affects: <= 2.29
Author: Alan Modra <amodra@gmail.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-devtools/binutils/binutils-2.27.inc
meta/recipes-devtools/binutils/binutils/CVE-2017-8396.patch [new file with mode: 0644]
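
The gap the commit description points at, as an added example that is not part of this commit or of the binutils sources: a range test that looks only at where the reloc field ends accepts a small negative offset, because the unsigned sum wraps around. The function names, the 64-bit types and the sample values are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Illustration only; names and types are assumptions, not binutils code.
   Offsets are unsigned, so a "small negative" offset read from an object
   file shows up as a value just below 2^64. */

/* Tests only where the field ends. offset + reloc_size can wrap to a
   small number, so an offset of -2 with a 4-byte field passes. */
static bool end_only_check(uint64_t offset, uint64_t reloc_size, uint64_t limit)
{
    return offset + reloc_size <= limit;
}

/* Requires the start to lie inside the section and the field to fit in
   what remains. The subtraction cannot wrap once offset <= limit holds.
   A zero-length field at the very end of the section is accepted. */
static bool field_in_range(uint64_t offset, uint64_t reloc_size, uint64_t limit)
{
    return offset <= limit && reloc_size <= limit - offset;
}

int main(void)
{
    /* Constructed sample values: a 0x100-byte section, 4-byte fields. */
    const uint64_t limit = 0x100;
    const struct { const char *label; uint64_t offset, size; } cases[] = {
        { "last full field",      0xfc,         4 },
        { "straddles the end",    0xfd,         4 },
        { "zero-length at end",   0x100,        0 },
        { "small negative (-2)",  (uint64_t)-2, 4 },
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-22s end_only=%d in_range=%d\n", cases[i].label,
               end_only_check(cases[i].offset, cases[i].size, limit),
               field_in_range(cases[i].offset, cases[i].size, limit));
    return 0;
}
```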