From 9a1433f51300be94a0b34f9b47b088ed09555dd2 Mon Sep 17 00:00:00 2001 From: Linux_zhang Date: Mon, 11 Aug 2025 14:49:15 +0800 Subject: [PATCH] fix CVE-2025-7545 --- backport-CVE-2025-7545.patch | 44 ++++++++++++++++++++++++++++++++++++ binutils.spec | 7 +++++- 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2025-7545.patch diff --git a/backport-CVE-2025-7545.patch b/backport-CVE-2025-7545.patch new file mode 100644 index 0000000..aff4158 --- /dev/null +++ b/backport-CVE-2025-7545.patch @@ -0,0 +1,44 @@ +From 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Sat, 21 Jun 2025 06:36:56 +0800 +Subject: [PATCH] objcopy: Don't extend the output section size + +Since the output section contents are copied from the input, don't +extend the output section size beyond the input section size. + + PR binutils/33049 + * objcopy.c (copy_section): Don't extend the output section + size beyond the input section size. + +Signed-off-by: H.J. Lu +--- + binutils/objcopy.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/binutils/objcopy.c b/binutils/objcopy.c +index 366e1079d82..2e98ba44c01 100644 +--- a/binutils/objcopy.c ++++ b/binutils/objcopy.c +@@ -4514,6 +4514,7 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg) + char *to = (char *) memhunk; + char *end = (char *) memhunk + size; + int i; ++ bfd_size_type memhunk_size = size; + + /* If the section address is not exactly divisible by the interleave, + then we must bias the from address. If the copy_byte is less than +@@ -4533,6 +4534,11 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg) + } + + size = (size + interleave - 1 - copy_byte) / interleave * copy_width; ++ ++ /* Don't extend the output section size. */ ++ if (size > memhunk_size) ++ size = memhunk_size; ++ + osection->lma /= interleave; + if (copy_byte < extra) + osection->lma++; +-- +2.43.7 + diff --git a/binutils.spec b/binutils.spec index f4ae3dc..31a8555 100644 --- a/binutils.spec +++ b/binutils.spec @@ -2,7 +2,7 @@ Summary: A GNU collection of binary utilities Name: binutils%{?_with_debug:-debug} Version: 2.41 -Release: 18 +Release: 19 License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND (LGPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND GFDL-1.3-or-later AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.0-or-later URL: https://sourceware.org/binutils @@ -377,6 +377,8 @@ Patch6001: aarch64-add-l4-instruction.patch Patch6002: backport-CVE-2025-7546.patch +Patch6003: backport-CVE-2025-7545.patch + Provides: bundled(libiberty) %if %{with debug} @@ -1389,6 +1391,9 @@ exit 0 #---------------------------------------------------------------------------- %changelog +* Mon Aug 11 2025 Linux_zhang - 2.41-19 +- fix CVE-2025-7545 + * Mon Jul 28 2025 zhangjian - 2.41-18 - fix cve-2025-7546 -- Gitee