diff --git a/backport-CVE-2025-7545.patch b/backport-CVE-2025-7545.patch new file mode 100644 index 0000000000000000000000000000000000000000..aff415803fc8225ee3d62defe00c8b1ca8acd50a --- /dev/null +++ b/backport-CVE-2025-7545.patch @@ -0,0 +1,44 @@ +From 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944 Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Sat, 21 Jun 2025 06:36:56 +0800 +Subject: [PATCH] objcopy: Don't extend the output section size + +Since the output section contents are copied from the input, don't +extend the output section size beyond the input section size. + + PR binutils/33049 + * objcopy.c (copy_section): Don't extend the output section + size beyond the input section size. + +Signed-off-by: H.J. Lu +--- + binutils/objcopy.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/binutils/objcopy.c b/binutils/objcopy.c +index 366e1079d82..2e98ba44c01 100644 +--- a/binutils/objcopy.c ++++ b/binutils/objcopy.c +@@ -4514,6 +4514,7 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg) + char *to = (char *) memhunk; + char *end = (char *) memhunk + size; + int i; ++ bfd_size_type memhunk_size = size; + + /* If the section address is not exactly divisible by the interleave, + then we must bias the from address. If the copy_byte is less than +@@ -4533,6 +4534,11 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg) + } + + size = (size + interleave - 1 - copy_byte) / interleave * copy_width; ++ ++ /* Don't extend the output section size. */ ++ if (size > memhunk_size) ++ size = memhunk_size; ++ + osection->lma /= interleave; + if (copy_byte < extra) + osection->lma++; +-- +2.43.7 + diff --git a/binutils.spec b/binutils.spec index c6ac02aa8ca4f4afdcbfa14928dd09dfbc7f8eb8..0f2b72191f0be1151dd89cb2497906f8defc42e9 100644 --- a/binutils.spec +++ b/binutils.spec @@ -2,7 +2,7 @@ Summary: A GNU collection of binary utilities Name: binutils%{?_with_debug:-debug} Version: 2.41 -Release: 16 +Release: 17 License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND (LGPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND GFDL-1.3-or-later AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.0-or-later URL: https://sourceware.org/binutils @@ -371,6 +371,8 @@ Patch5011: backport-CVE-2025-0840.patch Patch5012: backport-CVE-2025-3198.patch Patch6001: backport-CVE-2025-7546.patch + +Patch6002: backport-CVE-2025-7545.patch #---------------------------------------------------------------------------- Provides: bundled(libiberty) @@ -1385,6 +1387,9 @@ exit 0 #---------------------------------------------------------------------------- %changelog +* Mon Aug 11 2025 Linux_zhang - 2.41-17 +- Fix CVE-2025-7545 + * Mon Jul 28 2025 zhangjian - 2.41-16 - fix cve-2025-7456