[AutoPR- Security] Patch elfutils for CVE-2024-25260 [MEDIUM] (microsoft#14949)

azurelinux-security · web-flow · commit 6f762de13bbb · 2025-10-30T20:23:01.000+05:30
diff --git a/SPECS/elfutils/CVE-2024-25260.patch b/SPECS/elfutils/CVE-2024-25260.patch
@@ -0,0 +1,37 @@
+From c0e0ac70a6add189194581be409a0ac0eb0a971b Mon Sep 17 00:00:00 2001
+From: Mark Wielaard <mark@klomp.org>
+Date: Mon, 13 Nov 2023 22:38:10 +0100
+Subject: [PATCH] backends: Fix arm_machine_flag_name version string.
+
+arm_machine_flag_name checks the version byte and if not zero returns
+a version string. There are only 5 versions defined. So check the
+version byte is not larger.
+
+	* backends/arm_machineflagname.c (arm_machine_flag_name):
+	Check version <= 0, otherwise return NULL.
+
+https://sourceware.org/bugzilla/show_bug.cgi?id=31058
+
+Signed-off-by: Mark Wielaard <mark@klomp.org>
+Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
+Upstream-reference: https://sourceware.org/git/?p=elfutils.git;a=patch;h=373f5212677235fc3ca6068b887111554790f944
+---
+ backends/arm_machineflagname.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/backends/arm_machineflagname.c b/backends/arm_machineflagname.c
+index e93092a..d700d5f 100644
+--- a/backends/arm_machineflagname.c
++++ b/backends/arm_machineflagname.c
+@@ -48,7 +48,7 @@ arm_machine_flag_name (Elf64_Word orig, Elf64_Word *flagref)
+ 	  "Version5 EABI",
+         };
+       *flagref &= ~((Elf64_Word) EF_ARM_EABIMASK);
+-      return vername[version - 1];
++      return version <= 5 ? vername[version - 1] : NULL;
+     }
+   switch (EF_ARM_EABI_VERSION (orig))
+     {
+-- 
+2.45.4
+
diff --git a/SPECS/elfutils/elfutils.spec b/SPECS/elfutils/elfutils.spec
@@ -4,7 +4,7 @@
 Summary:        A collection of utilities and DSOs to handle compiled objects
 Name:           elfutils
 Version:        0.189
-Release:        5%{?dist}
+Release:        6%{?dist}
 License:        GPLv3+ AND (GPLv2+ OR LGPLv3+)
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -17,6 +17,7 @@ Patch0:         CVE-2025-1372.patch
 Patch1:         CVE-2025-1376.patch
 Patch2:         CVE-2025-1377.patch
 Patch3:         CVE-2025-1352.patch
+Patch4:         CVE-2024-25260.patch
 
 BuildRequires:  bison >= 1.875
 BuildRequires:  bzip2-devel
@@ -283,6 +284,9 @@ fi
 %defattr(-,root,root)
 
 %changelog
+* Wed Oct 29 2025 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 0.189-6
+- Patch for CVE-2024-25260
+
 * Wed Jan 15 2025 Durga Jagadeesh Palli <v-dpalli@microsoft.com> - 0.189-5
 - add patch for CVE-2025-1352
 
diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
@@ -91,14 +91,14 @@ popt-lang-1.19-1.azl3.aarch64.rpm
 sqlite-3.44.0-2.azl3.aarch64.rpm
 sqlite-devel-3.44.0-2.azl3.aarch64.rpm
 sqlite-libs-3.44.0-2.azl3.aarch64.rpm
-elfutils-0.189-5.azl3.aarch64.rpm
-elfutils-default-yama-scope-0.189-5.azl3.noarch.rpm
-elfutils-devel-0.189-5.azl3.aarch64.rpm
-elfutils-devel-static-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-devel-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-devel-static-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-lang-0.189-5.azl3.aarch64.rpm
+elfutils-0.189-6.azl3.aarch64.rpm
+elfutils-default-yama-scope-0.189-6.azl3.noarch.rpm
+elfutils-devel-0.189-6.azl3.aarch64.rpm
+elfutils-devel-static-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-devel-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-devel-static-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-lang-0.189-6.azl3.aarch64.rpm
 expat-2.6.4-2.azl3.aarch64.rpm
 expat-devel-2.6.4-2.azl3.aarch64.rpm
 expat-libs-2.6.4-2.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
@@ -91,14 +91,14 @@ popt-lang-1.19-1.azl3.x86_64.rpm
 sqlite-3.44.0-2.azl3.x86_64.rpm
 sqlite-devel-3.44.0-2.azl3.x86_64.rpm
 sqlite-libs-3.44.0-2.azl3.x86_64.rpm
-elfutils-0.189-5.azl3.x86_64.rpm
-elfutils-default-yama-scope-0.189-5.azl3.noarch.rpm
-elfutils-devel-0.189-5.azl3.x86_64.rpm
-elfutils-devel-static-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-devel-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-devel-static-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-lang-0.189-5.azl3.x86_64.rpm
+elfutils-0.189-6.azl3.x86_64.rpm
+elfutils-default-yama-scope-0.189-6.azl3.noarch.rpm
+elfutils-devel-0.189-6.azl3.x86_64.rpm
+elfutils-devel-static-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-devel-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-devel-static-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-lang-0.189-6.azl3.x86_64.rpm
 expat-2.6.4-2.azl3.x86_64.rpm
 expat-devel-2.6.4-2.azl3.x86_64.rpm
 expat-libs-2.6.4-2.azl3.x86_64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -85,15 +85,15 @@ e2fsprogs-debuginfo-1.47.0-2.azl3.aarch64.rpm
 e2fsprogs-devel-1.47.0-2.azl3.aarch64.rpm
 e2fsprogs-lang-1.47.0-2.azl3.aarch64.rpm
 e2fsprogs-libs-1.47.0-2.azl3.aarch64.rpm
-elfutils-0.189-5.azl3.aarch64.rpm
-elfutils-debuginfo-0.189-5.azl3.aarch64.rpm
-elfutils-default-yama-scope-0.189-5.azl3.noarch.rpm
-elfutils-devel-0.189-5.azl3.aarch64.rpm
-elfutils-devel-static-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-devel-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-devel-static-0.189-5.azl3.aarch64.rpm
-elfutils-libelf-lang-0.189-5.azl3.aarch64.rpm
+elfutils-0.189-6.azl3.aarch64.rpm
+elfutils-debuginfo-0.189-6.azl3.aarch64.rpm
+elfutils-default-yama-scope-0.189-6.azl3.noarch.rpm
+elfutils-devel-0.189-6.azl3.aarch64.rpm
+elfutils-devel-static-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-devel-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-devel-static-0.189-6.azl3.aarch64.rpm
+elfutils-libelf-lang-0.189-6.azl3.aarch64.rpm
 expat-2.6.4-2.azl3.aarch64.rpm
 expat-debuginfo-2.6.4-2.azl3.aarch64.rpm
 expat-devel-2.6.4-2.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -90,15 +90,15 @@ e2fsprogs-debuginfo-1.47.0-2.azl3.x86_64.rpm
 e2fsprogs-devel-1.47.0-2.azl3.x86_64.rpm
 e2fsprogs-lang-1.47.0-2.azl3.x86_64.rpm
 e2fsprogs-libs-1.47.0-2.azl3.x86_64.rpm
-elfutils-0.189-5.azl3.x86_64.rpm
-elfutils-debuginfo-0.189-5.azl3.x86_64.rpm
-elfutils-default-yama-scope-0.189-5.azl3.noarch.rpm
-elfutils-devel-0.189-5.azl3.x86_64.rpm
-elfutils-devel-static-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-devel-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-devel-static-0.189-5.azl3.x86_64.rpm
-elfutils-libelf-lang-0.189-5.azl3.x86_64.rpm
+elfutils-0.189-6.azl3.x86_64.rpm
+elfutils-debuginfo-0.189-6.azl3.x86_64.rpm
+elfutils-default-yama-scope-0.189-6.azl3.noarch.rpm
+elfutils-devel-0.189-6.azl3.x86_64.rpm
+elfutils-devel-static-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-devel-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-devel-static-0.189-6.azl3.x86_64.rpm
+elfutils-libelf-lang-0.189-6.azl3.x86_64.rpm
 expat-2.6.4-2.azl3.x86_64.rpm
 expat-debuginfo-2.6.4-2.azl3.x86_64.rpm
 expat-devel-2.6.4-2.azl3.x86_64.rpm
