diff --git a/binutils-CVE-2019-9077.patch b/binutils-CVE-2019-9077.patch new file mode 100644 index 0000000..1790bfa --- /dev/null +++ b/binutils-CVE-2019-9077.patch @@ -0,0 +1,16 @@ +--- binutils.orig/binutils/readelf.c 2019-02-26 11:17:12.414525772 +0000 ++++ binutils-2.31.1/binutils/readelf.c 2019-02-26 12:11:40.642876742 +0000 +@@ -16009,6 +16009,13 @@ process_mips_specific (Filedata * fileda + return FALSE; + } + ++ /* PR 24243 */ ++ if (sect->sh_size < sizeof (* eopt)) ++ { ++ error (_("The MIPS options section is too small.\n")); ++ return FALSE; ++ } ++ + eopt = (Elf_External_Options *) get_data (NULL, filedata, options_offset, 1, + sect->sh_size, _("options")); + if (eopt) diff --git a/binutils.spec b/binutils.spec index 8a30ec0..b507e87 100644 --- a/binutils.spec +++ b/binutils.spec @@ -69,7 +69,7 @@ Summary: A GNU collection of binary utilities Name: %{?cross}binutils%{?_with_debug:-debug} Version: 2.31.1 -Release: 22%{?dist} +Release: 23%{?dist} License: GPLv3+ URL: https://sourceware.org/binutils @@ -219,6 +219,10 @@ Patch24: binutils-CVE-2019-9074.patch # Lifetime: Fixed in 2.33 Patch25: binutils-CVE-2019-9075.patch +# Purpose: Stop illegal memory access parsing a corrupt MIPS binary. +# Lifetime: Fixed in 2.33 +Patch26: binutils-CVE-2019-9077.patch + #---------------------------------------------------------------------------- Provides: bundled(libiberty) @@ -367,6 +371,7 @@ using libelf instead of BFD. %patch23 -p1 %patch24 -p1 %patch25 -p1 +%patch26 -p1 # We cannot run autotools as there is an exact requirement of autoconf-2.59. @@ -774,6 +779,9 @@ exit 0 #---------------------------------------------------------------------------- %changelog +* Tue Feb 26 2019 Nick Clifton - 2.31.1-23 +- Stop potential illegal memory access when parsing a corrupt MIPS binary. (#1680676) + * Tue Feb 26 2019 Nick Clifton - 2.31.1-22 - Stop potential illegal memory access when parsing corrupt archives. (#1680670)