diff options
author | Armin Kuster <akuster808@gmail.com> | 2017-11-26 16:31:27 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-12-11 22:01:56 +0000 |
commit | 2a1da95cf865de024d278178b28e58a299526121 (patch) | |
tree | 34fd36f309bc36d954c4b9905a17393721ea8393 | |
parent | 02e45129712d7629bfbe3675ed8e735f66ae6301 (diff) | |
download | openembedded-core-contrib-2a1da95cf865de024d278178b28e58a299526121.tar.gz |
binutls: Security fix for CVE-2017-9755
Affects: <= 2.28
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.28.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-9755.patch | 63 |
2 files changed, 64 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.28.inc b/meta/recipes-devtools/binutils/binutils-2.28.inc index c6ef6478aa..b4299c8897 100644 --- a/meta/recipes-devtools/binutils/binutils-2.28.inc +++ b/meta/recipes-devtools/binutils/binutils-2.28.inc @@ -65,6 +65,7 @@ SRC_URI = "\ file://CVE-2017-9751.patch \ file://CVE-2017-9752.patch \ file://CVE-2017-9753.patch \ + file://CVE-2017-9755.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9755.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9755.patch new file mode 100644 index 0000000000..15dc9090d8 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9755.patch @@ -0,0 +1,63 @@ +From 0d96e4df4812c3bad77c229dfef47a9bc115ac12 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" <hjl.tools@gmail.com> +Date: Thu, 15 Jun 2017 06:40:17 -0700 +Subject: [PATCH] i386-dis: Check valid bnd register + +Since there are only 4 bnd registers, return "(bad)" for register +number > 3. + + PR binutils/21594 + * i386-dis.c (OP_E_register): Check valid bnd register. + (OP_G): Likewise. + +Upstream-Status: Backport +CVE: CVE-2017-9755 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + opcodes/ChangeLog | 6 ++++++ + opcodes/i386-dis.c | 10 ++++++++++ + 2 files changed, 16 insertions(+) + +Index: git/opcodes/ChangeLog +=================================================================== +--- git.orig/opcodes/ChangeLog ++++ git/opcodes/ChangeLog +@@ -1,3 +1,9 @@ ++2017-06-15 H.J. Lu <hongjiu.lu@intel.com> ++ ++ PR binutils/21594 ++ * i386-dis.c (OP_E_register): Check valid bnd register. ++ (OP_G): Likewise. ++ + 2017-06-15 Nick Clifton <nickc@redhat.com> + + PR binutils/21588 +Index: git/opcodes/i386-dis.c +=================================================================== +--- git.orig/opcodes/i386-dis.c ++++ git/opcodes/i386-dis.c +@@ -14939,6 +14939,11 @@ OP_E_register (int bytemode, int sizefla + names = address_mode == mode_64bit ? names64 : names32; + break; + case bnd_mode: ++ if (reg > 0x3) ++ { ++ oappend ("(bad)"); ++ return; ++ } + names = names_bnd; + break; + case indir_v_mode: +@@ -15483,6 +15488,11 @@ OP_G (int bytemode, int sizeflag) + oappend (names64[modrm.reg + add]); + break; + case bnd_mode: ++ if (modrm.reg > 0x3) ++ { ++ oappend ("(bad)"); ++ return; ++ } + oappend (names_bnd[modrm.reg]); + break; + case v_mode: |