From 0eefb91ddd4d111a3dabbef6e4e32bfb3401bf22 Mon Sep 17 00:00:00 2001
From: wangxiao65
Date: Tue, 4 Nov 2025 01:18:22 +0000
Subject: [PATCH] fix CVE-2025-11840

(cherry picked from commit 657a869dc1fc47a49415b552185b6049cd419725)
---
 backport-CVE-2025-11840.patch | 35 +++++++++++++++++++++++++++++++++++
 gdb.spec | 6 +++++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2025-11840.patch

diff --git a/backport-CVE-2025-11840.patch b/backport-CVE-2025-11840.patch
new file mode 100644
index 0000000..7a942ba
--- /dev/null
+++ b/backport-CVE-2025-11840.patch
@@ -0,0 +1,35 @@
+From f6b0f53a36820da91eadfa9f466c22f92e4256e0 Mon Sep 17 00:00:00 2001
+From: Alan Modra
+Date: Mon, 3 Nov 2025 09:03:37 +1030
+Subject: [PATCH] PR 33455 SEGV in vfinfo at ldmisc.c:527
+
+A reloc howto set up with EMPTY_HOWTO has a NULL name. More than one
+place emitting diagnostics assumes a reloc howto won't have a NULL
+name.
+
+ PR 33455
+ * coffcode.h (coff_slurp_reloc_table): Don't allow a howto with
+ a NULL name.
+
+Reference:https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f6b0f53a36820da91eadfa9f466c22f92e4256e0
+Conflict:NA
+---
+ bfd/coffcode.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bfd/coffcode.h b/bfd/coffcode.h
+index 1e5acc0032c..ce1e39131b4 100644
+--- a/bfd/coffcode.h
++++ b/bfd/coffcode.h
+@@ -5345,7 +5345,7 @@ coff_slurp_reloc_table (bfd * abfd, sec_ptr asect, asymbol ** symbols)
+ RTYPE2HOWTO (cache_ptr, &dst);
+ #endif /* RELOC_PROCESSING */
+ 
+- if (cache_ptr->howto == NULL)
++ if (cache_ptr->howto == NULL || cache_ptr->howto->name == NULL)
+ {
+ _bfd_error_handler
+ /* xgettext:c-format */
+-- 
+2.33.0
+ 
diff --git a/gdb.spec b/gdb.spec
index 7051e56..2c1f382 100644
--- a/gdb.spec
+++ b/gdb.spec
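Review bot: The new condition in coff_slurp_reloc_table rejects a howto whose `name` is NULL without recording why, and the `_bfd_error_handler` call that follows runs past the end of the hunk, so a reader of this line cannot see what that diagnostic does with the name. A one-line comment above the check would carry the rationale from the upstream message into the code: `/* EMPTY_HOWTO entries have a NULL name; treat them as unknown relocs here so the diagnostics below never see one (PR 33455).  */`. The upstream message also says more than one place assumes a non-NULL howto name, while this backport touches only coffcode.h; whether the other sites are unreachable in the bfd bundled with gdb 14.1 or are covered by another of the Patch5x files is not shown here and would be worth stating in the patch header or the spec changelog. The enclosing function starts and ends outside the hunk.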
@@ -1,6 +1,6 @@
 Name: gdb
 Version: 14.1
-Release: 10
+Release: 11
 License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ and GPLv2+ with exceptions and GPL+ and LGPLv2+ and LGPLv3+ and BSD and Public Domain and GFDL-1.3
 Source: https://ftp.gnu.org/gnu/gdb/gdb-%{version}.tar.xz
@@ -64,6 +64,7 @@ Patch50: backport-CVE-2025-11082.patch
 Patch51: backport-CVE-2025-11494.patch
 Patch52: backport-CVE-2025-11083.patch
 Patch53: backport-CVE-2025-11412.patch
+Patch54: backport-CVE-2025-11840.patch
 
 Patch9000: 0001-set-entry-point-when-text-segment-is-missing.patch
 
@@ -341,6 +342,9 @@ rm -f $RPM_BUILD_ROOT%{_datadir}/gdb/python/gdb/command/backtrace.py
 %{_infodir}/ctf-spec.info*
 
 %changelog
+* Tue Nov 04 2025 wangxiao - 14.1-11
+- fix CVE-2025-11840
+
 * Fri Oct 31 2025 wangxiao - 14.1-10
 - fix CVE-2025-11412
 
-- 
Gitee