code.ossystems Code Review - openembedded-core.git/commit
binutils: CVE-2017-9752
author Thiruvadi Rajaraman <trajaraman@mvista.com>
Thu, 21 Sep 2017 13:54:44 +0000 (19:24 +0530)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Sun, 7 Jan 2018 17:09:47 +0000 (17:09 +0000)
commit ea89dfe868085b463dfc24df78b49d1703989484
tree 8b31b329d5c66b286cfb6dd8e324cc54bb75233c
parent d8996fd2bf72fa774202724864ef014592a16ece
binutils: CVE-2017-9752

Source: binutils-gdb.git
MR: 73971
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: fe0e1d0f234ed157135818c24f4270c34e093828
Description:

 Fix potential address violations when processing a corrupt Alpha VMA binary.

        PR binutils/21589
        * vms-alpha.c (_bfd_vms_get_value): Add an extra parameter - the
        maximum value for the ascic pointer.  Check that name processing
        does not read beyond this value.
        (_bfd_vms_slurp_etir): Add checks for attempts to read beyond the
        end of etir record.
Affects: <= 2.28

Author: Nick Clifton <nickc@redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-devtools/binutils/binutils-2.27.inc
meta/recipes-devtools/binutils/binutils/CVE-2017-9752.patch [new file with mode: 0644]
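The bounds check the description refers to (pass the end of the record alongside the counted-string pointer and refuse to read past it), as an added example that is not the binutils patch or code from this commit. The function name, buffer names and sample records are hypothetical and constructed for illustration; a counted ASCII string is assumed to be one length byte followed by that many characters.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not binutils code: copy a counted ASCII string
   (one length byte, then that many characters) out of a record.
   `p` points at the length byte; `max` is one past the last valid byte
   of the record.  Returns the string length, or -1 if the record is
   truncated or the output buffer is too small.  */
int read_counted_string(const unsigned char *p, const unsigned char *max,
                        char *out, size_t outsz)
{
    size_t len;

    if (p == NULL || max == NULL || out == NULL || outsz == 0)
        return -1;
    if (p >= max)                     /* no room even for the length byte */
        return -1;
    len = *p++;
    if (len > (size_t)(max - p))      /* claimed length overruns the record */
        return -1;
    if (len >= outsz)                 /* keep room for the terminator */
        return -1;
    memcpy(out, p, len);
    out[len] = '\0';
    return (int)len;
}

/* Constructed sample records, not taken from a real object file. */
static const unsigned char good_rec[] = { 4, 'M', 'A', 'I', 'N' };
static const unsigned char bad_rec[]  = { 200, 'M', 'A', 'I', 'N' }; /* length byte lies */
static char name_buf[32];

int main(void)
{
    int n = read_counted_string(good_rec, good_rec + sizeof good_rec,
                                name_buf, sizeof name_buf);
    printf("well-formed record: %d (%s)\n", n, n >= 0 ? name_buf : "rejected");

    n = read_counted_string(bad_rec, bad_rec + sizeof bad_rec,
                            name_buf, sizeof name_buf);
    printf("corrupt record: %d\n", n);
    return 0;
}
```

Without the `max` argument the second record would cause a 200-byte read from a 5-byte buffer, which is the class of out-of-bounds access the description says the fix guards against.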