Bug 34180 - binutils new security issues CVE-2025-1153, CVE-2025-1176, CVE-2025-1178, CVE-2025-1181, CVE-2025-1182
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2025-04-09 11:23 CEST by Nicolas Salguero
Modified: 2025-11-05 23:50 CET

See Also:
Source RPM: binutils-2.40-11.1.mga9.src.rpm
CVE: CVE-2025-1153, CVE-2025-1176, CVE-2025-1178, CVE-2025-1181, CVE-2025-1182
Status comment:


Description Nicolas Salguero 2025-04-09 11:23:03 CEST
Ubuntu has issued an advisory on April 7:
https://ubuntu.com/security/notices/USN-7423-1
Nicolas Salguero 2025-04-09 11:23:30 CEST

CVE: (none) => CVE-2025-1153, CVE-2025-1176, CVE-2025-1178, CVE-2025-1181, CVE-2025-1182
Source RPM: (none) => binutils-2.43.1-3.mga10.src.rpm, binutils-2.40-11.1.mga9.src.rpm
Whiteboard: (none) => MGA9TOO

Comment 2 Nicolas Salguero 2025-04-11 11:15:52 CEST
For Cauldron, binutils-2.43.1-4.mga10 fixes those issues.

Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9
Source RPM: binutils-2.43.1-3.mga10.src.rpm, binutils-2.40-11.1.mga9.src.rpm => binutils-2.40-11.1.mga9.src.rpm

Comment 3 Nicolas Salguero 2025-11-03 14:08:06 CET
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

GNU Binutils format.c bfd_set_format memory corruption. (CVE-2025-1153)

GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow. (CVE-2025-1176)

GNU Binutils ld libbfd.c bfd_putl64 memory corruption. (CVE-2025-1178)

GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption. (CVE-2025-1181)

GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption. (CVE-2025-1182)

References:
https://ubuntu.com/security/notices/USN-7423-1
========================

Updated packages in core/updates_testing:
========================
binutils-2.40-11.2.mga9
lib(64)binutils-devel-2.40-11.2.mga9

from SRPM:
binutils-2.40-11.2.mga9.src.rpm

Status: NEW => ASSIGNED
Assignee: pkg-bugs => qa-bugs

katnatek 2025-11-03 23:55:37 CET

Keywords: (none) => advisory

Comment 4 katnatek 2025-11-04 20:19:35 CET
installing binutils-2.40-11.2.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ####################################################################################################
      1/1: binutils              ####################################################################################################
      1/1: removing binutils-1:2.40-11.1.mga9.x86_64
                                 ####################################################################################################

Reference bug#34053 comment#3

LC_ALL=C objdump -x /bin/pulseaudio

/bin/pulseaudio:     file format elf64-x86-64
/bin/pulseaudio
architecture: i386:x86-64, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x0000000000407160

Program Header:
etc...

LC_ALL=C objdump -f /bin/gcc

/bin/gcc:     file format elf64-x86-64
architecture: i386:x86-64, flags 0x00000112:
EXEC_P, HAS_SYMS, D_PAGED
start address 0x0000000000405ec0

LC_ALL=C readelf -hl /bin/python
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           Advanced Micro Devices X86-64
etc...

strings /bin/lua | grep -i luaL
luaL_checkstack
luaL_loadfilex
luaL_error
luaL_checkversion_
luaL_len
luaL_newstate
luaL_tolstring
luaL_callmeta
luaL_loadbufferx
luaL_traceback
luaL_openlibs

Whiteboard: (none) => MGA9-64-OK
CC: (none) => andrewsfarm

Comment 5 Thomas Andrews 2025-11-05 22:00:29 CET
Validating.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2025-11-05 23:50:55 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2025-0262.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED

