From patchwork Sat Oct 14 00:27:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaitanya Vadrevu X-Patchwork-Id: 32191 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CBEF4CDB47E for ; Sat, 14 Oct 2023 00:28:34 +0000 (UTC) Received: from NAM10-DM6-obe.outbound.protection.outlook.com (NAM10-DM6-obe.outbound.protection.outlook.com [40.107.93.119]) by mx.groups.io with SMTP id smtpd.web10.54240.1697243312325641715 for ; Fri, 13 Oct 2023 17:28:32 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: body hash did not verify" header.i=@ni.com header.s=selector1 header.b=EOSo5b0B; spf=pass (domain: ni.com, ip: 40.107.93.119, mailfrom: chaitanya.vadrevu@ni.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iIo7Am9D56j10OtswEAsoilD3XDrF2fDrgagd/n9D09ov8PNqYGS8cBcFr8AA7NO8e01Gub27qIIyufM63pifH5CQnitM8uAAiRqn8WeAFa+LO4TfkSDo59jSjQD/73KtzmVCzphmYLLLkUMorPT3KzvuJa/CDGPc/3VINX6M6k3LdkC3regUd9uI1O+H406SHwPn0NwAd/W4dlEsjdW3TURHEmCS9Oo2o/nJiHQfizQ6Pms/WZvQgKE5HCWKFWI78LRtG0oMpbtsXbmfI0/oofkC2dX/cYaeM48X9VhreYZiWBbIhjMutve3fNXCgf72P77bA5yDGJtFCFQTx/Ayw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=l/d99uRWZ8qJBXQwho6QJt9lNosNiR2/FQZ5lacFMjk=; b=YuiIAwK1MpkRbBads7MFAB63M1NuDEseH9peBxtl2vb9mWiLYI7aOsrC85tN+IANItXnFJUU59HSMgsnJfKsQcWmJdMEZklkLESOsy9GDMdAdv+kbvY/BLbMww8Hx1f3OVIkDw9u1/D632JVIq91D8qdmmUhkZcNid5TR4h+69YqzGkS2smWMgCxvYqhApidK9sSOI/PtB3AnOShiQp0wdSAfcwMV/cZ2IWnve1hHNB5oND49qEftOoyNKe8FgYzA6bfyynrXvN0lTC+D2wxUiudINnBn6SnnjZbkXRgbFucIblZuExB3HI1halrj99x09l53TjejRkRqRr5ujcWog== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 130.164.94.73) smtp.rcpttodomain=lists.openembedded.org smtp.mailfrom=ni.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=ni.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ni.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=l/d99uRWZ8qJBXQwho6QJt9lNosNiR2/FQZ5lacFMjk=; b=EOSo5b0Bujowyf68isqlRDwwDcMuv/V3Iuy2/FAogKO/4dq9y9rWdujJtRgvME1tiyFesNtd+V+COVKYenUMJ36mg1u+ZBeifIa9kpXt4U0F0qZ7b3rEqtlpZia5D/Fbr0slrs0aXtmT60ZCF694L+Sh+Ev5Oep1AUZl5b7tO4M= Received: from MN2PR08CA0026.namprd08.prod.outlook.com (2603:10b6:208:239::31) by SJ0PR04MB7709.namprd04.prod.outlook.com (2603:10b6:a03:329::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.30; Sat, 14 Oct 2023 00:28:28 +0000 Received: from MN1PEPF0000ECD6.namprd02.prod.outlook.com (2603:10b6:208:239:cafe::1e) by MN2PR08CA0026.outlook.office365.com (2603:10b6:208:239::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.29 via Frontend Transport; Sat, 14 Oct 2023 00:28:27 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 130.164.94.73) smtp.mailfrom=ni.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ni.com; Received-SPF: Pass (protection.outlook.com: domain of ni.com designates 130.164.94.73 as permitted sender) receiver=protection.outlook.com; client-ip=130.164.94.73; helo=us-aus-excas-p1.ni.corp.natinst.com; pr=C Received: from us-aus-excas-p1.ni.corp.natinst.com (130.164.94.73) by MN1PEPF0000ECD6.mail.protection.outlook.com (10.167.242.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.22 via Frontend Transport; Sat, 14 Oct 2023 00:28:26 +0000 Received: from us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) by us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.25; Fri, 13 Oct 2023 19:28:26 -0500 Received: from cvadrevu-p620.ni.corp.natinst.com (172.18.68.32) by us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) with Microsoft SMTP Server id 15.2.1258.25 via Frontend Transport; Fri, 13 Oct 2023 19:28:26 -0500 From: Chaitanya Vadrevu To: CC: Chaitanya Vadrevu Subject: [kirkstone][PATCH 1/5] binutils: Fix CVE-2022-44840 Date: Fri, 13 Oct 2023 19:27:16 -0500 Message-ID: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MN1PEPF0000ECD6:EE_|SJ0PR04MB7709:EE_ X-MS-Office365-Filtering-Correlation-Id: 8f8c1156-91a6-43d6-cc91-08dbcc4c7bd0 x-ni-monitor: EOP Exclude NI Domains ETR True X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PMdsRX/qPiPj6AGjo8Gv9F/yqbQIsPUTEsgLSpH7oeR4QLqllqSXUgLhc1+GL4WvTzHSbcFPp2YR7VNuosil5gCgCV5fgKH2c8VxH9Ndgr5sEaNbLp6D0dw5teJFMR60Qm+06/XpxMvjKqPKELWnEEymF2mHG+RMn2EH1Xqm5wEi5KLTPiw3L5P4X1ctGMjpJFzNqgjPSbvkmijArkDqnyjEybjbnlCCJwZ1Qhq7ECcru6On06DH5Ylk2GFKlWskzOj6hPivYLwbVKX0MbuPEd6bIcVHNrPJ5FN5qEhDvroNS1ESZOBUfRAGqoXPPYsH1uhZP+lWwdd+oa8YuJ22iF79WFvJnRvRV3G4UenXo7S/AdSuyXqPGX68PTK9IoCZJJKJtXzxDZXG4cbGh3Fazb8LBLkosCZWnCQClJT3TfkiA64Zrje6rx1hviXQDoaffX3pKhd1ujxNF2Pe6WYdDhX/tMzgIwtfnQaD8dAjQjxBEb4FR/5d6MYtNXZJ0OoR34hMnwMw36IzLWeLEyXCiduMY7sVAfbeKzFESbBL702A/W3Gxt/rT4Xq/6ez7c+6EBhNkkwmHMds7n04hZchilnTiai85UPfwXxNLsn8VJpSmv0qfR4wYkoEqNfmzcMeXnXtgjg+i2w2qUsDc7GhGxpWV/3SYW+XhLKNaQkNwvMnqURJfEBu3C1fFNrvxCzsWAO+G+sSgzDAC+LBy5ZYQNbfEnkD2my+doPxe1I2LYENULVrULb8K6WaM+g/VMWS X-Forefront-Antispam-Report: CIP:130.164.94.73;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:us-aus-excas-p1.ni.corp.natinst.com;PTR:ErrorRetry;CAT:NONE;SFS:(13230031)(4636009)(396003)(346002)(376002)(39860400002)(136003)(230922051799003)(82310400011)(1800799009)(451199024)(64100799003)(186009)(36840700001)(46966006)(40470700004)(82740400003)(6666004)(966005)(83380400001)(5660300002)(40480700001)(41300700001)(70586007)(478600001)(36756003)(70206006)(47076005)(356005)(81166007)(86362001)(2906002)(36860700001)(2616005)(44832011)(40460700003)(316002)(6916009)(1076003)(4326008)(8676002)(26005)(8936002)(336012)(36900700001);DIR:OUT;SFP:1102; X-OriginatorOrg: ni.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2023 00:28:26.8981 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8f8c1156-91a6-43d6-cc91-08dbcc4c7bd0 X-MS-Exchange-CrossTenant-Id: 87ba1f9a-44cd-43a6-b008-6fdb45a5204e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=87ba1f9a-44cd-43a6-b008-6fdb45a5204e;Ip=[130.164.94.73];Helo=[us-aus-excas-p1.ni.corp.natinst.com] X-MS-Exchange-CrossTenant-AuthSource: MN1PEPF0000ECD6.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR04MB7709 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 14 Oct 2023 00:28:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189105 Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=28750e3b967da2207d51cbce9fc8be262817ee59] Signed-off-by: Chaitanya Vadrevu --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0030-CVE-2022-44840.patch | 151 ++++++++++++++++++ 2 files changed, 152 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 638b1ba93de..7c5d8f79ec6 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -59,5 +59,6 @@ SRC_URI = "\ file://0029-CVE-2022-48065-1.patch \ file://0029-CVE-2022-48065-2.patch \ file://0029-CVE-2022-48065-3.patch \ + file://0030-CVE-2022-44840.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch b/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch new file mode 100644 index 00000000000..43c92e56666 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch @@ -0,0 +1,151 @@ +From 56e74b51b905bf169315107a280b5c2632e13c07 Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Sun, 30 Oct 2022 19:08:51 +1030 +Subject: [PATCH] Pool section entries for DWP version 1 + +Ref: https://gcc.gnu.org/wiki/DebugFissionDWP?action=recall&rev=3 + +Fuzzers have found a weakness in the code stashing pool section +entries. With random nonsensical values in the index entries (rather +than each index pointing to its own set distinct from other sets), +it's possible to overflow the space allocated, losing the NULL +terminator. Without a terminator, find_section_in_set can run off the +end of the shndx_pool buffer. Fix this by scanning the pool directly. + +binutils/ + * dwarf.c (add_shndx_to_cu_tu_entry): Delete range check. + (end_cu_tu_entry): Likewise. + (process_cu_tu_index): Fill shndx_pool by directly scanning + pool, rather than indirectly from index entries. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=28750e3b967da2207d51cbce9fc8be262817ee59] + +CVE: CVE-2022-44840 + +Signed-off-by: Chaitanya Vadrevu +--- + binutils/dwarf.c | 90 ++++++++++++++++++++++-------------------------- + 1 file changed, 41 insertions(+), 49 deletions(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index f8fa2f68387..28b296f54dd 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -10705,22 +10705,12 @@ prealloc_cu_tu_list (unsigned int nshndx) + static void + add_shndx_to_cu_tu_entry (unsigned int shndx) + { +- if (shndx_pool_used >= shndx_pool_size) +- { +- error (_("Internal error: out of space in the shndx pool.\n")); +- return; +- } + shndx_pool [shndx_pool_used++] = shndx; + } + + static void + end_cu_tu_entry (void) + { +- if (shndx_pool_used >= shndx_pool_size) +- { +- error (_("Internal error: out of space in the shndx pool.\n")); +- return; +- } + shndx_pool [shndx_pool_used++] = 0; + } + +@@ -10826,53 +10816,55 @@ process_cu_tu_index (struct dwarf_section *section, int do_display) + + if (version == 1) + { ++ unsigned char *shndx_list; ++ unsigned int shndx; ++ + if (!do_display) +- prealloc_cu_tu_list ((limit - ppool) / 4); +- for (i = 0; i < nslots; i++) + { +- unsigned char *shndx_list; +- unsigned int shndx; +- +- SAFE_BYTE_GET (signature, phash, 8, limit); +- if (signature != 0) ++ prealloc_cu_tu_list ((limit - ppool) / 4); ++ for (shndx_list = ppool + 4; shndx_list <= limit - 4; shndx_list += 4) + { +- SAFE_BYTE_GET (j, pindex, 4, limit); +- shndx_list = ppool + j * 4; +- /* PR 17531: file: 705e010d. */ +- if (shndx_list < ppool) +- { +- warn (_("Section index pool located before start of section\n")); +- return 0; +- } ++ shndx = byte_get (shndx_list, 4); ++ add_shndx_to_cu_tu_entry (shndx); ++ } ++ end_cu_tu_entry (); ++ } ++ else ++ for (i = 0; i < nslots; i++) ++ { ++ SAFE_BYTE_GET (signature, phash, 8, limit); ++ if (signature != 0) ++ { ++ SAFE_BYTE_GET (j, pindex, 4, limit); ++ shndx_list = ppool + j * 4; ++ /* PR 17531: file: 705e010d. */ ++ if (shndx_list < ppool) ++ { ++ warn (_("Section index pool located before start of section\n")); ++ return 0; ++ } + +- if (do_display) + printf (_(" [%3d] Signature: 0x%s Sections: "), + i, dwarf_vmatoa ("x", signature)); +- for (;;) +- { +- if (shndx_list >= limit) +- { +- warn (_("Section %s too small for shndx pool\n"), +- section->name); +- return 0; +- } +- SAFE_BYTE_GET (shndx, shndx_list, 4, limit); +- if (shndx == 0) +- break; +- if (do_display) ++ for (;;) ++ { ++ if (shndx_list >= limit) ++ { ++ warn (_("Section %s too small for shndx pool\n"), ++ section->name); ++ return 0; ++ } ++ SAFE_BYTE_GET (shndx, shndx_list, 4, limit); ++ if (shndx == 0) ++ break; + printf (" %d", shndx); +- else +- add_shndx_to_cu_tu_entry (shndx); +- shndx_list += 4; +- } +- if (do_display) ++ shndx_list += 4; ++ } + printf ("\n"); +- else +- end_cu_tu_entry (); +- } +- phash += 8; +- pindex += 4; +- } ++ } ++ phash += 8; ++ pindex += 4; ++ } + } + else if (version == 2) + { From patchwork Sat Oct 14 00:27:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaitanya Vadrevu X-Patchwork-Id: 32193 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B4CE5CDB47E for ; Sat, 14 Oct 2023 00:28:44 +0000 (UTC) Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.100]) by mx.groups.io with SMTP id smtpd.web10.54241.1697243316905677820 for ; Fri, 13 Oct 2023 17:28:37 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: body hash did not verify" header.i=@ni.com header.s=selector1 header.b=GctU1cQT; spf=pass (domain: ni.com, ip: 40.107.236.100, mailfrom: chaitanya.vadrevu@ni.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PbTrTdgAsAJ08tOrr3ILUDGahO6zKdb/bEGXTkG1L22EIpYKdRidfr0BFhTicIe2v/8rroHE3TaBe6+bnHa4PpK/+T6l6Q2kVDZQly5x6hFUFXlNS5tGvliKhkX+jreY+wcA0nZg+G92IvD9m1/79fYmfmCQOHU/vP9REoYR//UX+bv1S5TyYgCS58K7hHn0aanTUjcsBKHU168+6wR/rAP68V50yVCdADmcwav1nG0Phh7m92e5kowwcfbvt3QbLFUpbDbxMobq8bbSj8iJDoXAXlWP/TchPwHScI0uU2FC3G9LeT8jWJbksh874OP73Xh9A5+Jr+XndTzf0JAMzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2EdTODD2ilS14lzST0bOSgOl7O5r6pWXOrzWp7mUkhs=; b=QhIl7IvEZvsO6ubT2++ngyfriDiJhHrg4bE+KLuGDH+LibJeydQxvUIpmBsgfRj3J3Ru3b8wceb7rY7jZf+U6hAktty3bie0mQUvCju5ztpHwx9uL/QQkluBZvGh4apUwZ5frO9Dzqa+2PqoIB4+3J3KoYpjvB5gB5BFYD7rnOFDBuRd6nBIEDeZsl6s/pk4FfZ34lFnEQz5y9QorA8HPOM0W5MY21WWj5UUGmyaY4wJkqKYboiYkdB1DRaOAMNJHvZSu/nHXFe9JnfgN2r14CjGq7oS9M17sT5LBCKz+cuKca6J9ZT2u8npwHiU7irPvbiI6Xk6qQvtw8vynkdo1Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 130.164.94.74) smtp.rcpttodomain=lists.openembedded.org smtp.mailfrom=ni.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=ni.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ni.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2EdTODD2ilS14lzST0bOSgOl7O5r6pWXOrzWp7mUkhs=; b=GctU1cQTYufeYic/n+O57oDpWssSPT8d5frEpqc6yf6b5jC3KCLpVnPTb6eXeeVyi8zGncgHRMzrWJWs653X6jT+N9K+9k+B9enHIH0E5/C3Xc7YX/fw3gYE40JFs7LUrkztvAC6BdufyJhXZSefFw1l4/O21YSY1q42A8c4cUk= Received: from MN2PR10CA0029.namprd10.prod.outlook.com (2603:10b6:208:120::42) by MW6PR04MB8820.namprd04.prod.outlook.com (2603:10b6:303:244::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.38; Sat, 14 Oct 2023 00:28:33 +0000 Received: from BL02EPF0001A0FE.namprd03.prod.outlook.com (2603:10b6:208:120:cafe::59) by MN2PR10CA0029.outlook.office365.com (2603:10b6:208:120::42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.27 via Frontend Transport; Sat, 14 Oct 2023 00:28:32 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 130.164.94.74) smtp.mailfrom=ni.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ni.com; Received-SPF: Pass (protection.outlook.com: domain of ni.com designates 130.164.94.74 as permitted sender) receiver=protection.outlook.com; client-ip=130.164.94.74; helo=us-aus-excas-p2.ni.corp.natinst.com; pr=C Received: from us-aus-excas-p2.ni.corp.natinst.com (130.164.94.74) by BL02EPF0001A0FE.mail.protection.outlook.com (10.167.242.105) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.22 via Frontend Transport; Sat, 14 Oct 2023 00:28:30 +0000 Received: from us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) by us-aus-excas-p2.ni.corp.natinst.com (130.164.68.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.25; Fri, 13 Oct 2023 19:28:30 -0500 Received: from cvadrevu-p620.ni.corp.natinst.com (172.18.68.32) by us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) with Microsoft SMTP Server id 15.2.1258.25 via Frontend Transport; Fri, 13 Oct 2023 19:28:30 -0500 From: Chaitanya Vadrevu To: CC: Chaitanya Vadrevu Subject: [kirkstone][PATCH 2/5] binutils: Fix CVE-2022-47695 Date: Fri, 13 Oct 2023 19:27:17 -0500 Message-ID: <20231014002720.491416-2-chaitanya.vadrevu@ni.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> References: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF0001A0FE:EE_|MW6PR04MB8820:EE_ X-MS-Office365-Filtering-Correlation-Id: 393c67ca-95f8-448c-61cf-08dbcc4c7e13 x-ni-monitor: EOP Exclude NI Domains ETR True X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: k6stA/7MLO+JGLTXJ7QQAvZBn5mWUyzROeVmfURLN50sdz2uiv2OT4S+k4bfTDoI346siH3e8a9jlpblqK9Dx2NeeYgwcFJKvnVjI3mIsOMxsIXM2jY8L9QrA62VuoQ6q64s0f8nVuLOtxtBrutkJTfj3F5Ltsfy9l+XjCWOfqKwxdASxmRgCODdcDU22DVlQMNZzNt3WvBPVhzE2rdn7FHtUHaWtSMfrZ73UdUfGHjseQb8ayZTVV4Yd215m2AeMFTJsE1+libdqMk8vz6LCTRGnYhp+J5EcI89AlbeFNnb+EcKp+TN9A/tQCyATvDyvV97PTuvi/N/Wi79XbC48kTvtDDzSjVTdSIAXNw0XbK0qMQ+BHYX1EhQUKxLS1zus7efZ8N1HDtV7Uq/zxSA3Hv3UywtsKpQQlGecyZNe7+G5Jv/l1KX2nrc4FtB6eNnQA5Zw42GdX19tenn79gw1GTCXkNBemT5pW3f7cIniCM3FEnj5xC3qLsOhS4MsYGYiBPqmZzHyMrLv6ATMMzKRXDV/+scTXektQ32LXUHzeXtCWB9HiiYQun11dlKucvoIjP2XdE8qkU3g8PwLuvCReejX0KJ1y01l02JT9xSwOFOnvzhgTTzuvIEZQ+qv36NOhBflLb1mc/oq/TGrTUM8m2wX5lx4Xn5Rj1TPuuM8LdSb+5pc6CFxz9nUlw2EbKl/cdAJDqT5vHwAaWQy1z6hJ2G2ldyzwKTIzLQOp/SYSke1h+Eqg4PheQ2so5dMWE3 X-Forefront-Antispam-Report: CIP:130.164.94.74;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:us-aus-excas-p2.ni.corp.natinst.com;PTR:ErrorRetry;CAT:NONE;SFS:(13230031)(4636009)(396003)(136003)(376002)(39860400002)(346002)(230922051799003)(1800799009)(82310400011)(451199024)(64100799003)(186009)(40470700004)(46966006)(36840700001)(1076003)(44832011)(2616005)(40480700001)(36756003)(478600001)(36860700001)(82740400003)(81166007)(356005)(40460700003)(83380400001)(6666004)(47076005)(336012)(4326008)(2906002)(316002)(86362001)(8676002)(41300700001)(26005)(70586007)(5660300002)(6916009)(70206006)(8936002)(36900700001);DIR:OUT;SFP:1102; X-OriginatorOrg: ni.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2023 00:28:30.6431 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 393c67ca-95f8-448c-61cf-08dbcc4c7e13 X-MS-Exchange-CrossTenant-Id: 87ba1f9a-44cd-43a6-b008-6fdb45a5204e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=87ba1f9a-44cd-43a6-b008-6fdb45a5204e;Ip=[130.164.94.74];Helo=[us-aus-excas-p2.ni.corp.natinst.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF0001A0FE.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW6PR04MB8820 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 14 Oct 2023 00:28:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189106 Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386] Signed-off-by: Chaitanya Vadrevu --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0031-CVE-2022-47695.patch | 58 +++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 7c5d8f79ec6..89d8fdeba85 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -60,5 +60,6 @@ SRC_URI = "\ file://0029-CVE-2022-48065-2.patch \ file://0029-CVE-2022-48065-3.patch \ file://0030-CVE-2022-44840.patch \ + file://0031-CVE-2022-47695.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch new file mode 100644 index 00000000000..f2e9cea0273 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch @@ -0,0 +1,58 @@ +From 2f7426b9bb2d2450b32cad3d79fab9abe3ec42bb Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Sun, 4 Dec 2022 22:15:40 +1030 +Subject: [PATCH] PR29846, segmentation fault in objdump.c compare_symbols + +Fixes a fuzzed object file problem where plt relocs were manipulated +in such a way that two synthetic symbols were generated at the same +plt location. Won't occur in real object files. + + PR 29846 + PR 20337 + * objdump.c (compare_symbols): Test symbol flags to exclude + section and synthetic symbols before attempting to check flavour. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386] + +CVE: CVE-2022-47695 + +Signed-off-by: Chaitanya Vadrevu +--- + binutils/objdump.c | 23 ++++++++++------------- + 1 file changed, 10 insertions(+), 13 deletions(-) + +diff --git a/binutils/objdump.c b/binutils/objdump.c +index 08a0fe521d8..21f75f4db40 100644 +--- a/binutils/objdump.c ++++ b/binutils/objdump.c +@@ -1165,20 +1165,17 @@ compare_symbols (const void *ap, const void *bp) + return 1; + } + +- if (bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour ++ /* Sort larger size ELF symbols before smaller. See PR20337. */ ++ bfd_vma asz = 0; ++ if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 ++ && bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour) ++ asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; ++ bfd_vma bsz = 0; ++ if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 + && bfd_get_flavour (bfd_asymbol_bfd (b)) == bfd_target_elf_flavour) +- { +- bfd_vma asz, bsz; +- +- asz = 0; +- if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) +- asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; +- bsz = 0; +- if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) +- bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; +- if (asz != bsz) +- return asz > bsz ? -1 : 1; +- } ++ bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; ++ if (asz != bsz) ++ return asz > bsz ? -1 : 1; + + /* Symbols that start with '.' might be section names, so sort them + after symbols that don't start with '.'. */ From patchwork Sat Oct 14 00:27:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaitanya Vadrevu X-Patchwork-Id: 32195 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C1C86CDB483 for ; Sat, 14 Oct 2023 00:28:44 +0000 (UTC) Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.100]) by mx.groups.io with SMTP id smtpd.web10.54243.1697243319637195278 for ; Fri, 13 Oct 2023 17:28:39 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: body hash did not verify" header.i=@ni.com header.s=selector1 header.b=EiJI0SE6; spf=pass (domain: ni.com, ip: 40.107.236.100, mailfrom: chaitanya.vadrevu@ni.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XL6cmki+2HmXCzUYPncJXnjVHCr8C1WPUOulXE7J4R3mutMlKI36hqtvZYueypZdomGj60jxjmyvgHUD4k+ogVW21FVOItRriZQiHLB6tgbdA4EoAEi7uhY1kjbhyz40zd8eL98Hpv9zgKljbNhV0punkALjsznkD4NX/l3jkPdIKBDEocS55pbVftynN7KADIErYXUa62WUoAB0xa+Jxu31QyrFQr+XL3rL4quRBmhXPxicEqaedxsousclGbWunlKZVW5ZB3j462E7biftDMHyhynwA1e/+BowV4Pr0WHoK4JujuHZuX90N64Uw53dLJzZe3mOMug77BuMrcMjyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0Srnm/I2rP4nB9qOsVpOcvGTXUlX0s9/dh/2qTiWmIs=; b=dXXtij4QzmnAtSW1M2WVGOMoHRnuxfVMYPljLfZ3S/Z0x6mgvuVswoQQ4fxaKBp6dvqb5kry59x9yIoR7bXZpvXZVnQZcjF3OSq7EtbGhtlEOVwo7Lhq353I4/MPVX5eqX8igrypMZeWoS6e74X/QkbB7FG34Erffk9YIcYptki2Y6aHfNZi19WbEamwovF8l9yyT04ap3MkIrdA2KuuOqSqdYJdJz7Pfqkd+7MUJbAIP/7KcnpkSJoOC9BwyWbfBWpeO1tZWXjGbD05f5MErqo5qn0Kgy8uWUdqt54se5Bh9CudgYMK6kxTTvCaPOsIlcygj7lOxXkVAUcHA3nOgg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 130.164.94.74) smtp.rcpttodomain=lists.openembedded.org smtp.mailfrom=ni.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=ni.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ni.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0Srnm/I2rP4nB9qOsVpOcvGTXUlX0s9/dh/2qTiWmIs=; b=EiJI0SE6ORXlAXuFLnlkERrbReti9HepGaL6sUXTJ5PDC48rKabepTehcEzxNUwS6jFrVx4Y2C5aXKGHcTKKsNj6DOj30KHgGdviy+XkJFD+WlllUc2VPWlgHC05+oy8b0WM7alPlLD59dLaENm96goGlUVpqd6DOknoHo9omLc= Received: from MN2PR10CA0017.namprd10.prod.outlook.com (2603:10b6:208:120::30) by CH3PR04MB8972.namprd04.prod.outlook.com (2603:10b6:610:1a8::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.30; Sat, 14 Oct 2023 00:28:36 +0000 Received: from BL02EPF0001A0FE.namprd03.prod.outlook.com (2603:10b6:208:120:cafe::13) by MN2PR10CA0017.outlook.office365.com (2603:10b6:208:120::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.30 via Frontend Transport; Sat, 14 Oct 2023 00:28:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 130.164.94.74) smtp.mailfrom=ni.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ni.com; Received-SPF: Pass (protection.outlook.com: domain of ni.com designates 130.164.94.74 as permitted sender) receiver=protection.outlook.com; client-ip=130.164.94.74; helo=us-aus-excas-p2.ni.corp.natinst.com; pr=C Received: from us-aus-excas-p2.ni.corp.natinst.com (130.164.94.74) by BL02EPF0001A0FE.mail.protection.outlook.com (10.167.242.105) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.22 via Frontend Transport; Sat, 14 Oct 2023 00:28:33 +0000 Received: from us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) by us-aus-excas-p2.ni.corp.natinst.com (130.164.68.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.25; Fri, 13 Oct 2023 19:28:31 -0500 Received: from cvadrevu-p620.ni.corp.natinst.com (172.18.68.32) by us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) with Microsoft SMTP Server id 15.2.1258.25 via Frontend Transport; Fri, 13 Oct 2023 19:28:31 -0500 From: Chaitanya Vadrevu To: CC: Chaitanya Vadrevu Subject: [kirkstone][PATCH 3/5] binutils: Fix CVE-2022-45703 Date: Fri, 13 Oct 2023 19:27:18 -0500 Message-ID: <20231014002720.491416-3-chaitanya.vadrevu@ni.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> References: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF0001A0FE:EE_|CH3PR04MB8972:EE_ X-MS-Office365-Filtering-Correlation-Id: 47009cef-899f-45b6-d574-08dbcc4c7fed x-ni-monitor: EOP Exclude NI Domains ETR True X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Qg1i5cH8NV1EuhlCOeusV7Mz7MQkoipzSla37e1+4xykH15kE+HKLCG/2wx7goFO8nYG6cClb1Dz33mhXdB/SPMPHXXqOBg4DCoknNVTMNYvOZtsgAHS4U9XPBVDrY6NuL9t43VGNz+018ffdgHJh4y3v8imNcMEn+2S0kWddft53LqA9YNzvsEnOrctQUmpNZkX00y0Tcbwh/XrMIIthWv1tuUTfkDwS5CS4FE+rOnkEFhOR/ivvkVAlHbufEKGJKeq3PCwz1PDng1oXzuNmD0XVggHZ5UHrNK9bab6/gag0sVSixKn+eln7V96h3U/FBKIy5v6O5CoTLnxlCv5JhtWSfsfxEq52r+5q7XWojylH8gcGHdZziAnMQCceGx4sgC8B8vBxBtqfu3gk1A5FnrUbMBTDWXvuUbVMbvTzRSY+vl+QPO0gkOfmGn49r/XDfvR+y6T2TA+/nGO7eWlg1Da+0N6G2IRqYXjKB6wNMx2ldRoxJ0uILxF6wtHJJ7kbEP2oIkYBl106NZ8IkdbpRZfI0E4sfj4ivbUS3COShRBh7KFYO3f3VQxXeqQFfXGEuCARILbefZf2xeeHT73REZwzTEvBsSqd6M4AsbJLqKkHQ6XK6m9M7tzLcTFL2bBTHt3gitU350ZzIH45veWQfQ91hcGxNR6aoe1s/3H9UjjvYh5gvPCH3UCpmCXnQVSmJzr4A7+8eEilRRG8UrWVKEyKr/h+WVAuX92v/rIQpz8otPJ3SLXIUOsouNHAAau X-Forefront-Antispam-Report: CIP:130.164.94.74;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:us-aus-excas-p2.ni.corp.natinst.com;PTR:ErrorRetry;CAT:NONE;SFS:(13230031)(4636009)(376002)(346002)(136003)(396003)(39860400002)(230922051799003)(1800799009)(64100799003)(186009)(451199024)(82310400011)(36840700001)(40470700004)(46966006)(47076005)(36860700001)(478600001)(40460700003)(26005)(2616005)(8676002)(336012)(83380400001)(40480700001)(2906002)(86362001)(44832011)(41300700001)(8936002)(5660300002)(4326008)(81166007)(6666004)(966005)(70206006)(316002)(36756003)(6916009)(70586007)(356005)(82740400003)(1076003)(36900700001);DIR:OUT;SFP:1102; X-OriginatorOrg: ni.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2023 00:28:33.7837 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 47009cef-899f-45b6-d574-08dbcc4c7fed X-MS-Exchange-CrossTenant-Id: 87ba1f9a-44cd-43a6-b008-6fdb45a5204e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=87ba1f9a-44cd-43a6-b008-6fdb45a5204e;Ip=[130.164.94.74];Helo=[us-aus-excas-p2.ni.corp.natinst.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF0001A0FE.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR04MB8972 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 14 Oct 2023 00:28:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189107 Upstream-Status: Backport following * https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=244e19c79111eed017ee38ab1d44fb2a6cd1b636 * https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=69bfd1759db41c8d369f9dcc98a135c5a5d97299 Signed-off-by: Chaitanya Vadrevu --- .../binutils/binutils-2.38.inc | 2 + .../binutils/0032-CVE-2022-45703-1.patch | 146 ++++++++++++++++++ .../binutils/0032-CVE-2022-45703-2.patch | 31 ++++ 3 files changed, 179 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-1.patch create mode 100644 meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-2.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 89d8fdeba85..ec5ba36d9a6 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -61,5 +61,7 @@ SRC_URI = "\ file://0029-CVE-2022-48065-3.patch \ file://0030-CVE-2022-44840.patch \ file://0031-CVE-2022-47695.patch \ + file://0032-CVE-2022-45703-1.patch \ + file://0032-CVE-2022-45703-2.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-1.patch b/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-1.patch new file mode 100644 index 00000000000..2289d18c61b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-1.patch @@ -0,0 +1,146 @@ +From 02c8847ad5686f77a842cdb395a41240445f90de Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Tue, 24 May 2022 09:32:14 +0930 +Subject: [PATCH] PR29169, invalid read displaying fuzzed .gdb_index + + PR 29169 + * dwarf.c (display_gdb_index): Combine sanity checks. Calculate + element counts, not word counts. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=244e19c79111eed017ee38ab1d44fb2a6cd1b636] + +CVE: CVE-2022-45703 + +Signed-off-by: Chaitanya Vadrevu +--- + binutils/dwarf.c | 80 +++++++++++++----------------------------------- + 1 file changed, 22 insertions(+), 58 deletions(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index 2d151c60817..5e802ac78cd 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -10463,7 +10463,7 @@ display_gdb_index (struct dwarf_section *section, + uint32_t cu_list_offset, tu_list_offset; + uint32_t address_table_offset, symbol_table_offset, constant_pool_offset; + unsigned int cu_list_elements, tu_list_elements; +- unsigned int address_table_size, symbol_table_slots; ++ unsigned int address_table_elements, symbol_table_slots; + unsigned char *cu_list, *tu_list; + unsigned char *address_table, *symbol_table, *constant_pool; + unsigned int i; +@@ -10511,48 +10511,19 @@ display_gdb_index (struct dwarf_section *section, + || tu_list_offset > section->size + || address_table_offset > section->size + || symbol_table_offset > section->size +- || constant_pool_offset > section->size) ++ || constant_pool_offset > section->size ++ || tu_list_offset < cu_list_offset ++ || address_table_offset < tu_list_offset ++ || symbol_table_offset < address_table_offset ++ || constant_pool_offset < symbol_table_offset) + { + warn (_("Corrupt header in the %s section.\n"), section->name); + return 0; + } + +- /* PR 17531: file: 418d0a8a. */ +- if (tu_list_offset < cu_list_offset) +- { +- warn (_("TU offset (%x) is less than CU offset (%x)\n"), +- tu_list_offset, cu_list_offset); +- return 0; +- } +- +- cu_list_elements = (tu_list_offset - cu_list_offset) / 8; +- +- if (address_table_offset < tu_list_offset) +- { +- warn (_("Address table offset (%x) is less than TU offset (%x)\n"), +- address_table_offset, tu_list_offset); +- return 0; +- } +- +- tu_list_elements = (address_table_offset - tu_list_offset) / 8; +- +- /* PR 17531: file: 18a47d3d. */ +- if (symbol_table_offset < address_table_offset) +- { +- warn (_("Symbol table offset (%x) is less then Address table offset (%x)\n"), +- symbol_table_offset, address_table_offset); +- return 0; +- } +- +- address_table_size = symbol_table_offset - address_table_offset; +- +- if (constant_pool_offset < symbol_table_offset) +- { +- warn (_("Constant pool offset (%x) is less than symbol table offset (%x)\n"), +- constant_pool_offset, symbol_table_offset); +- return 0; +- } +- ++ cu_list_elements = (tu_list_offset - cu_list_offset) / 16; ++ tu_list_elements = (address_table_offset - tu_list_offset) / 24; ++ address_table_elements = (symbol_table_offset - address_table_offset) / 20; + symbol_table_slots = (constant_pool_offset - symbol_table_offset) / 8; + + cu_list = start + cu_list_offset; +@@ -10561,31 +10532,25 @@ display_gdb_index (struct dwarf_section *section, + symbol_table = start + symbol_table_offset; + constant_pool = start + constant_pool_offset; + +- if (address_table_offset + address_table_size > section->size) +- { +- warn (_("Address table extends beyond end of section.\n")); +- return 0; +- } +- + printf (_("\nCU table:\n")); +- for (i = 0; i < cu_list_elements; i += 2) ++ for (i = 0; i < cu_list_elements; i++) + { +- uint64_t cu_offset = byte_get_little_endian (cu_list + i * 8, 8); +- uint64_t cu_length = byte_get_little_endian (cu_list + i * 8 + 8, 8); ++ uint64_t cu_offset = byte_get_little_endian (cu_list + i * 16, 8); ++ uint64_t cu_length = byte_get_little_endian (cu_list + i * 16 + 8, 8); + +- printf (_("[%3u] 0x%lx - 0x%lx\n"), i / 2, ++ printf (_("[%3u] 0x%lx - 0x%lx\n"), i, + (unsigned long) cu_offset, + (unsigned long) (cu_offset + cu_length - 1)); + } + + printf (_("\nTU table:\n")); +- for (i = 0; i < tu_list_elements; i += 3) ++ for (i = 0; i < tu_list_elements; i++) + { +- uint64_t tu_offset = byte_get_little_endian (tu_list + i * 8, 8); +- uint64_t type_offset = byte_get_little_endian (tu_list + i * 8 + 8, 8); +- uint64_t signature = byte_get_little_endian (tu_list + i * 8 + 16, 8); ++ uint64_t tu_offset = byte_get_little_endian (tu_list + i * 24, 8); ++ uint64_t type_offset = byte_get_little_endian (tu_list + i * 24 + 8, 8); ++ uint64_t signature = byte_get_little_endian (tu_list + i * 24 + 16, 8); + +- printf (_("[%3u] 0x%lx 0x%lx "), i / 3, ++ printf (_("[%3u] 0x%lx 0x%lx "), i, + (unsigned long) tu_offset, + (unsigned long) type_offset); + print_dwarf_vma (signature, 8); +@@ -10593,12 +10558,11 @@ display_gdb_index (struct dwarf_section *section, + } + + printf (_("\nAddress table:\n")); +- for (i = 0; i < address_table_size && i <= address_table_size - (2 * 8 + 4); +- i += 2 * 8 + 4) ++ for (i = 0; i < address_table_elements; i++) + { +- uint64_t low = byte_get_little_endian (address_table + i, 8); +- uint64_t high = byte_get_little_endian (address_table + i + 8, 8); +- uint32_t cu_index = byte_get_little_endian (address_table + i + 16, 4); ++ uint64_t low = byte_get_little_endian (address_table + i * 20, 8); ++ uint64_t high = byte_get_little_endian (address_table + i * 20 + 8, 8); ++ uint32_t cu_index = byte_get_little_endian (address_table + i + 20 + 16, 4); + + print_dwarf_vma (low, 8); + print_dwarf_vma (high, 8); diff --git a/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-2.patch b/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-2.patch new file mode 100644 index 00000000000..06f1b2430af --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-45703-2.patch @@ -0,0 +1,31 @@ +From 37a35dc3c13957a55d83350a28279a9ea4218648 Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Fri, 18 Nov 2022 11:29:13 +1030 +Subject: [PATCH] PR29799 heap buffer overflow in display_gdb_index + dwarf.c:10548 + + PR 29799 + * dwarf.c (display_gdb_index): Typo fix. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=69bfd1759db41c8d369f9dcc98a135c5a5d97299] + +CVE: CVE-2022-45703 + +Signed-off-by: Chaitanya Vadrevu +--- + binutils/dwarf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index 5e802ac78cd..a6a33b29c80 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -10562,7 +10562,7 @@ display_gdb_index (struct dwarf_section *section, + { + uint64_t low = byte_get_little_endian (address_table + i * 20, 8); + uint64_t high = byte_get_little_endian (address_table + i * 20 + 8, 8); +- uint32_t cu_index = byte_get_little_endian (address_table + i + 20 + 16, 4); ++ uint32_t cu_index = byte_get_little_endian (address_table + i * 20 + 16, 4); + + print_dwarf_vma (low, 8); + print_dwarf_vma (high, 8); From patchwork Sat Oct 14 00:27:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaitanya Vadrevu X-Patchwork-Id: 32192 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6571C41513 for ; Sat, 14 Oct 2023 00:28:44 +0000 (UTC) Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.123]) by mx.groups.io with SMTP id smtpd.web10.54245.1697243322914579180 for ; Fri, 13 Oct 2023 17:28:43 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: body hash did not verify" header.i=@ni.com header.s=selector1 header.b=kaLmrCku; spf=pass (domain: ni.com, ip: 40.107.92.123, mailfrom: chaitanya.vadrevu@ni.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EtfMCGGXcwmyl7YOjd5IBDTMpGa4UuES17mHk4zDd9Yif0bLM8H18Dd9aC8nc55O3LacvIFgSIH1cWnG9qPdHRpSE1eSH28WlJ9SsvufHRkd1FFOGH3hMkqveVnmclycQNcW3DMlW+OWRw0AO6M+onx416ZkZGVqdTsRbGFjPrKkU0y46LvUaf77u0jVLJ9ofRHFBu1tcDNgXbzMCqtvHEtca+oeNmbV4j/OncnZbSupCQc0ERIgojgz2IJtkKusq2Ri36LqUKnNM4RnYnH0A6MooW4EjWd/aX8VdkQF0Gq5shTT5j0v3n1tnKv1avEBitVqLFm3eZtyeL1EO/D99A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=J537On8dKRBEMbeG8qExsAGJb4F+a+LKXB219Zv7Jj4=; b=mLXToNL3a6DWcCFWV2a9PDbnNlXx0tBumOMmKJnggz9VLFeev06dlp+v8PTtlo1zZ3nLReitqUj7VM8yPlwEImWMhe4h7NF9qoItnmXl4/jGrfMxHy4O+nywpv4bhg5o/WFnplrM7tItCcGvggYemMQBfo3uQ2LREfz0mMie+UNPYAZoqF/9v6ZTfnuYrUzTlP0VEHl+lKM+Buuk66MoVTldYGf1XEf6nOk9PAK0wT8xMNGzxIBALr3ONU4Tx8yycvawsz3zNOtWmESt+li8pbSpHbeLP7u9F1cXFsp3h0d+dCxWgatJNblk5AKylIQdDSZXsX7UNAaJ35LPk30fnA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 130.164.94.74) smtp.rcpttodomain=lists.openembedded.org smtp.mailfrom=ni.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=ni.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ni.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=J537On8dKRBEMbeG8qExsAGJb4F+a+LKXB219Zv7Jj4=; b=kaLmrCkuo0rmH3bbOkxH9uf2djqdnb/3NYCdV5IjxPNV0dxlLLNrHFr7cJJpEnS0pZn/tqPF8dGSHjFV84PrJ9Nc4FjjPuqALvx1Mf6Hh9BUpMAMRlm9Y1ZI1bj18yXSui+v7NimC0MiLf0Hl++ZWq+2Y2WuRafNBJiS2MrmzzY= Received: from MN2PR10CA0031.namprd10.prod.outlook.com (2603:10b6:208:120::44) by SJ2PR04MB8846.namprd04.prod.outlook.com (2603:10b6:a03:544::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.17; Sat, 14 Oct 2023 00:28:38 +0000 Received: from BL02EPF0001A0FE.namprd03.prod.outlook.com (2603:10b6:208:120:cafe::cb) by MN2PR10CA0031.outlook.office365.com (2603:10b6:208:120::44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.30 via Frontend Transport; Sat, 14 Oct 2023 00:28:37 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 130.164.94.74) smtp.mailfrom=ni.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ni.com; Received-SPF: Pass (protection.outlook.com: domain of ni.com designates 130.164.94.74 as permitted sender) receiver=protection.outlook.com; client-ip=130.164.94.74; helo=us-aus-excas-p2.ni.corp.natinst.com; pr=C Received: from us-aus-excas-p2.ni.corp.natinst.com (130.164.94.74) by BL02EPF0001A0FE.mail.protection.outlook.com (10.167.242.105) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.22 via Frontend Transport; Sat, 14 Oct 2023 00:28:36 +0000 Received: from us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) by us-aus-excas-p2.ni.corp.natinst.com (130.164.68.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.25; Fri, 13 Oct 2023 19:28:31 -0500 Received: from cvadrevu-p620.ni.corp.natinst.com (172.18.68.32) by us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) with Microsoft SMTP Server id 15.2.1258.25 via Frontend Transport; Fri, 13 Oct 2023 19:28:31 -0500 From: Chaitanya Vadrevu To: CC: Chaitanya Vadrevu Subject: [kirkstone][PATCH 4/5] binutils: Mark CVE-2022-47673 as patched Date: Fri, 13 Oct 2023 19:27:19 -0500 Message-ID: <20231014002720.491416-4-chaitanya.vadrevu@ni.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> References: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF0001A0FE:EE_|SJ2PR04MB8846:EE_ X-MS-Office365-Filtering-Correlation-Id: 2f0154a9-3c83-4abd-9be2-08dbcc4c8179 x-ni-monitor: EOP Exclude NI Domains ETR True X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: HwIzI7ZRVKqxyubZaho83SZC4UmSNclREemKdj8erGOwRPMsjZ4bOVuoQRCL2MLLRFaNZPCbgQi5IIaJcSA7/MtuKLRaTIzmKin7ogOylFkJ4fbRYzwsowhckFyal+C3rIocMNLarFi51BFaI8tVoebY9icbxgijXygyC2MtMB/dV9t1jAXJJLd2xmURB/Z24K72SPLpEVT+aBmOxRo5JjhAAOz9weN/JKU84FC/HPLeHhCy2ukgwi1RuRA+Rg9TrO9agbk3UQDroEFA1mSagdpmqmDbR6yxzqaAe8QUHeRZ8x+Io/kxMVJMcD3lD/zjMNUN2Kyj+70lQlTdnNT19ar3s6yJ6BGRUSpRbQp22V51al1D452AXX2yLW1i9Ak3LUsjZ8zetg8P8HZmla/LH4/tLCQa9IyAxpCTlLivjbfhpJHj40C2fGqcldkSRrh2lbkJqRKLZoXaWjJ/aC4k9CeXEQno+xEODXqPrn6c63jmVNz8HF1VbCx1AKeoKoq3nDB9OP8eEgcfgyM3OfLwqGwMWzwDf7AyQOUfsHi5V6IuFSKv6PleRxi0oFcUjcvy38bYGaPeB7WXoIKXD/6YHrhF9Z3ZfXExoN5zQZIgRfCfi1xCwYLhJuPFrgI9qsFqX3pF+gCYhO1hVfoV5jxE/wcZmFLPwCFOI2PFQhjJwJayFSrzupFAgegCGAJxGLN+COZGnZYHxoP6r10OIeaaLcs6vy9/GBt1iMyMkS/LS9rcxysYJDrt672xWkvWiJXb X-Forefront-Antispam-Report: CIP:130.164.94.74;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:us-aus-excas-p2.ni.corp.natinst.com;PTR:ErrorRetry;CAT:NONE;SFS:(13230031)(4636009)(376002)(346002)(136003)(39860400002)(396003)(230922051799003)(82310400011)(1800799009)(64100799003)(186009)(451199024)(40470700004)(46966006)(36840700001)(44832011)(47076005)(86362001)(81166007)(478600001)(2906002)(8936002)(8676002)(5660300002)(4326008)(4744005)(356005)(36756003)(26005)(41300700001)(336012)(6916009)(70206006)(40460700003)(2616005)(70586007)(40480700001)(316002)(36860700001)(1076003)(6666004)(82740400003)(36900700001);DIR:OUT;SFP:1102; X-OriginatorOrg: ni.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2023 00:28:36.3774 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2f0154a9-3c83-4abd-9be2-08dbcc4c8179 X-MS-Exchange-CrossTenant-Id: 87ba1f9a-44cd-43a6-b008-6fdb45a5204e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=87ba1f9a-44cd-43a6-b008-6fdb45a5204e;Ip=[130.164.94.74];Helo=[us-aus-excas-p2.ni.corp.natinst.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF0001A0FE.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR04MB8846 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 14 Oct 2023 00:28:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189108 Signed-off-by: Chaitanya Vadrevu --- .../binutils/binutils/0022-CVE-2023-25584-3.patch | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch b/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch index abe501e5709..47cc3f310b3 100644 --- a/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch +++ b/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch @@ -35,8 +35,10 @@ Lack of bounds checking in vms-alpha.c parse_module Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=77c225bdeb410cf60da804879ad41622f5f1aa44] CVE: CVE-2023-25584 +CVE: CVE-2022-47673 Signed-off-by: Deepthi Hemraj +Signed-off-by: Chaitanya Vadrevu --- From patchwork Sat Oct 14 00:27:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chaitanya Vadrevu X-Patchwork-Id: 32194 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B36F3CDB47E for ; Sat, 14 Oct 2023 00:28:54 +0000 (UTC) Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.115]) by mx.groups.io with SMTP id smtpd.web11.54075.1697243325509499056 for ; Fri, 13 Oct 2023 17:28:45 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="dkim: body hash did not verify" header.i=@ni.com header.s=selector1 header.b=da+0VmH/; spf=pass (domain: ni.com, ip: 40.107.223.115, mailfrom: chaitanya.vadrevu@ni.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G0S8qrsx6XAv4J0aYHB8gT0kYlf6eoiEHrV5EpcYl6Snqrw+AKD85ktybOYmQ85WA0FaogBKNE6zKDYoxUSq/tQepD+XGv/rJfaRldTCWjBdB1IsPJRsb6bf4o47myCDv372aMMF/SJHGrnNkMFpCwY7tnoS5mrHPYJ5RrK5q3c4k4U22dXojhPPLriDYPCWEcQdw3FHu4BO3gZ+GMvfKNZuAxq5uyLZG7GPlLikiB+oXoASk/XzuITZeiCMw7mwG1scbZAwgtw6RtVzFBp8Ir8wSQy1zXZHL6YJwK/HaiRMo3eX3vDIGUao5dGr70+y4ejszd3+bEZtsJWQU8391g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=umakq4HOtVD7FbmOAe+MDeJTIa5rlmDrLnDnsY7OSJ4=; b=nGdUHMXG0tGbKb7OFR7IQenkyQaSw8nFOE+ErqDs3vtL+UW4oEMNu1qvFLUJjrpupP7MBOQPCBgfjyIv8KKOHbGlULZ1v+mmqy8lY344mrw6b3WELGpVhphivppUPfq9cMsfTSPWGlqEOYavY+vdxHxmJV798RCUVHmlAvPDS5UvwQr/42K6jsOcrhB7770y2so/LOBjkIn1b6wlW7pgPvcJ5BDF0HtfnQyJR7D3P3ZkaXokbqvByVT+P365MfouXQMBZmAdeOOykrz5UTFCCBTvIaIy5X9JsmCv0ZRXSar50kiamzVcIPVpI6U1idkLROJY37bE8dBE0c1hjL+R6w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 130.164.94.74) smtp.rcpttodomain=lists.openembedded.org smtp.mailfrom=ni.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=ni.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ni.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=umakq4HOtVD7FbmOAe+MDeJTIa5rlmDrLnDnsY7OSJ4=; b=da+0VmH/u9PMUFaid0Dx0MwatujZ7P1Bcl01fRShPLLAJxxP796YcIR1XLWuLPaY92HPFNjEAU+GTi8TEafoVqmWzxAOYFwxXPKCWg0c/VoXLsmk8mOkEu29X3kSFqdyEmr4EEDrBoWnwcmiHlu5cy5JgBNNszxk/WugcrrNu8Q= Received: from MN2PR10CA0001.namprd10.prod.outlook.com (2603:10b6:208:120::14) by SJ2PR04MB9010.namprd04.prod.outlook.com (2603:10b6:a03:561::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.47; Sat, 14 Oct 2023 00:28:41 +0000 Received: from BL02EPF0001A0FE.namprd03.prod.outlook.com (2603:10b6:208:120:cafe::ce) by MN2PR10CA0001.outlook.office365.com (2603:10b6:208:120::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.30 via Frontend Transport; Sat, 14 Oct 2023 00:28:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 130.164.94.74) smtp.mailfrom=ni.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ni.com; Received-SPF: Pass (protection.outlook.com: domain of ni.com designates 130.164.94.74 as permitted sender) receiver=protection.outlook.com; client-ip=130.164.94.74; helo=us-aus-excas-p2.ni.corp.natinst.com; pr=C Received: from us-aus-excas-p2.ni.corp.natinst.com (130.164.94.74) by BL02EPF0001A0FE.mail.protection.outlook.com (10.167.242.105) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.22 via Frontend Transport; Sat, 14 Oct 2023 00:28:38 +0000 Received: from us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) by us-aus-excas-p2.ni.corp.natinst.com (130.164.68.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.25; Fri, 13 Oct 2023 19:28:34 -0500 Received: from cvadrevu-p620.ni.corp.natinst.com (172.18.68.32) by us-aus-excas-p1.ni.corp.natinst.com (130.164.68.17) with Microsoft SMTP Server id 15.2.1258.25 via Frontend Transport; Fri, 13 Oct 2023 19:28:34 -0500 From: Chaitanya Vadrevu To: CC: Chaitanya Vadrevu Subject: [kirkstone][PATCH 5/5] binutils: Mark CVE-2022-47696 as patched Date: Fri, 13 Oct 2023 19:27:20 -0500 Message-ID: <20231014002720.491416-5-chaitanya.vadrevu@ni.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> References: <20231014002720.491416-1-chaitanya.vadrevu@ni.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF0001A0FE:EE_|SJ2PR04MB9010:EE_ X-MS-Office365-Filtering-Correlation-Id: b4f7f450-5561-43ae-7634-08dbcc4c82f9 x-ni-monitor: EOP Exclude NI Domains ETR True X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LhZ51OyaMW8NERcoSEeVd4Dr1wnvXVuyIMoDt8gohKPpO09q+KSSlAt+2aF8dvbQN9hHGIrY1kYQHBc+5PC/6NRO3IO/bcWoGzrUPP0yVW/i/VhSZAuebWgb9PqES9xfakv9CyZ4ZR6MDV3gArZto1/NUWbWftKsN2hZtLd5lHGPw6KxqJe+B2bLAQGDMtdoau/oY5qGrWAQfym9YSHuYrSnBZKQ+usO8Ofw8kJybxKCZG9NAJxmA70vTLi0pyq5P+cysrPZlnpQ3HVSOxCtoPgvugwDLtlSqxIxYM3nA2GqCCQLaCGnc6IYUA49YjUVjZM22uyMkj/Yk2dmOifqLfzlYPtHV8LHXQp660OWqM9l0u0MLV2Y0U+MrMo/9PY6fSQ7H4Hih1KMY6QXarxZi35z7o0vBPR78p/nVvTWMrVlHTSH3iw83aobxcGQ0WxzZ9u+l2kC9UL3aLmptxsGPuU7/cdBDh+EE+DHaEhQwGWdRWFjLcEjro2YWHPjPYZlzOAL2O0L1/6HMI8Nsb10uKgjjLjm1rVkbQgAqet4Fsd2Jw8J9RFydcetsp0hOTxdXuTnHow2pM6asI6yQFG7QIz/fYGu7OrtYFazc8Ce1ikvR8wdkp0R3dBInoAx9IPfxi6T4qlT7WWG4kSKnTDV1nK/gLNKQ9t7I08WU/sOXXx6DQZjI3uZvdemUnEkBiKA4Nq/GwdW85NQtUc7Y6TIccHC7+LQX5iub1R5lB/2zS4M2uxJXCP0JrOqaytx6oCJ X-Forefront-Antispam-Report: CIP:130.164.94.74;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:us-aus-excas-p2.ni.corp.natinst.com;PTR:ErrorRetry;CAT:NONE;SFS:(13230031)(4636009)(346002)(39860400002)(376002)(136003)(396003)(230922051799003)(1800799009)(186009)(451199024)(64100799003)(82310400011)(36840700001)(40470700004)(46966006)(86362001)(36756003)(356005)(81166007)(47076005)(2616005)(1076003)(336012)(26005)(6666004)(478600001)(70586007)(70206006)(6916009)(41300700001)(316002)(82740400003)(5660300002)(44832011)(8936002)(8676002)(4744005)(2906002)(4326008)(36860700001)(40460700003)(40480700001)(36900700001);DIR:OUT;SFP:1102; X-OriginatorOrg: ni.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Oct 2023 00:28:38.8931 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b4f7f450-5561-43ae-7634-08dbcc4c82f9 X-MS-Exchange-CrossTenant-Id: 87ba1f9a-44cd-43a6-b008-6fdb45a5204e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=87ba1f9a-44cd-43a6-b008-6fdb45a5204e;Ip=[130.164.94.74];Helo=[us-aus-excas-p2.ni.corp.natinst.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF0001A0FE.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR04MB9010 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 14 Oct 2023 00:28:54 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189109 Signed-off-by: Chaitanya Vadrevu --- .../binutils/binutils/0025-CVE-2023-25588.patch | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch b/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch index 142d201c401..9b5825037fb 100644 --- a/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch +++ b/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch @@ -17,8 +17,10 @@ anyway, so get rid of them. Also, simplify and correct sanity checks. Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1] CVE: CVE-2023-25588 +CVE: CVE-2022-47696 Signed-off-by: Deepthi Hemraj +Signed-off-by: Chaitanya Vadrevu ---