ELSA-2025-23306
- ULN >
- Oracle Linux Errata repository >
- ELSA-2025-23306
ELSA-2025-23306 - binutils security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2025-12-19 |
Description
[2.41-58.0.1.2]
- Forward-port Oracle patches to 2.41-58.2
- CVE-2025-11082
- CVE-2025-11083
Reviewed-by: David Faust
Oracle history:
September-29-2025 David Faust
- Forward-port Oracle patches to 2.41-58.
Reviewed-by: Jose E. Marchesi
August-29-2025 Bruce McCulloch
- Forward-port Oracle patches to 2.41-57.
Reviewed-by: Jose E. Marchesi
Jun-04-2025 Bruce McCulloch
- Add binutils-orabug-38018827.patch.
- Fix ctf_dict_open clobbering errno.
- Backport of upstream commit:
- 14303d6295e libctf: archive, open: when opening, always set errp to
something.
- [Orabug: 38018827]
- Add binutils-orabug-38018828.patch.
- In kernel links, properly hide CTF types only if conflicting.
- Backport of upstream commits:
- 75e514cfa56 Revert 'libctf: fix linking of non-root-visible types'
- 002957be18e libctf: dedup: improve hiding of conflicting types in the
same dict
- [Orabug: 38018828]
Reviewed-by: Jose E. Marchesi
Reviewed-by: Nick Alcock
Reviewed-by: Elena Zannoni
May-28-2025 Vladimir Mezentsev
- Backported updates for gprofng.
Reviewed-by: Bruce McCulloch
April-02-2025 Bruce McCulloch
- Merge Oracle patches to 2.41-53.
Reviewed-by: Jose E. Marchesi
November-28-2024 Nick Alcock
- Latest CTF changes from upstream
- add ctf_dict_set_flag, ctf_lookup_enumerator, ctf_lookup_enumerator_next,
ctf_arc_lookup_enumerator_next; consider enums with differing enumerators
to be conflicting
- add documentation to ctf-api.h
- allow modification of ctf_opened dicts and opening of foreign-
endian older dicts
- looking up types by name prefers non-bitfields if possible
- bugfixes to parent propagation, rewriting of existing dicts,
ctf_archive_count, CU-mapped links, and dumping and linking of
non-root-visible types.
- fix a bunch of small leaks and one big one (on ctf_open error)
- fix a write into freed memory after ctf_rollback and writeout
- internal improvements to serialization, name lookup, symbol
lookup, string handling, and more
- explicitly disable zstd support (enabling requires addition of zstd to
the .so scripts)
[2.41-58.2]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-126875)
[2.41-58.1]
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-125206)
Related CVEs
| CVE-2025-11082 |
| CVE-2025-11083 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 10 (aarch64) | binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_aarch64_addons |
| binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_aarch64_appstream | |
| binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_aarch64_baseos_latest | |
| binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_aarch64_u1_baseos_patch | |
| binutils-2.41-58.0.1.el10_1.2.aarch64.rpm | aa93c5c2857c5c74551866dd015ab764d39caab5a1b0c1374ccdb40fb7122489 | - | ol10_aarch64_baseos_latest | |
| binutils-2.41-58.0.1.el10_1.2.aarch64.rpm | aa93c5c2857c5c74551866dd015ab764d39caab5a1b0c1374ccdb40fb7122489 | - | ol10_aarch64_u1_baseos_patch | |
| binutils-devel-2.41-58.0.1.el10_1.2.aarch64.rpm | d270eaa157ec052153111d42de7213f89d8e8b8c75c4aaf55ab2925d667f6cd8 | - | ol10_aarch64_appstream | |
| binutils-gold-2.41-58.0.1.el10_1.2.aarch64.rpm | d725af766074cb4302a33e1ac351b2d24332393f9bf651d954ad92ebfed74d71 | - | ol10_aarch64_baseos_latest | |
| binutils-gold-2.41-58.0.1.el10_1.2.aarch64.rpm | d725af766074cb4302a33e1ac351b2d24332393f9bf651d954ad92ebfed74d71 | - | ol10_aarch64_u1_baseos_patch | |
| binutils-gprofng-2.41-58.0.1.el10_1.2.aarch64.rpm | 696c6149547c836ab648fed1818290dd3a8467719fffe872a2e788cb9c7d83ba | - | ol10_aarch64_addons | |
| Oracle Linux 10 (x86_64) | binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_x86_64_addons |
| binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_x86_64_appstream | |
| binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_x86_64_baseos_latest | |
| binutils-2.41-58.0.1.el10_1.2.src.rpm | f8e5f45e029f23a88e28ea7be118c63bbe2a4798a525e6353ab7df9712fbc910 | - | ol10_x86_64_u1_baseos_patch | |
| binutils-2.41-58.0.1.el10_1.2.x86_64.rpm | 009e5f66c6acf8410bcb66dcb928c7bc90b882b586ba73acaf90ff99faa3cb2a | - | ol10_x86_64_baseos_latest | |
| binutils-2.41-58.0.1.el10_1.2.x86_64.rpm | 009e5f66c6acf8410bcb66dcb928c7bc90b882b586ba73acaf90ff99faa3cb2a | - | ol10_x86_64_u1_baseos_patch | |
| binutils-devel-2.41-58.0.1.el10_1.2.x86_64.rpm | e4f22212787334a580f9ab5328d3e64693a44243291a0866f7fa05fde5e53960 | - | ol10_x86_64_appstream | |
| binutils-gold-2.41-58.0.1.el10_1.2.x86_64.rpm | f039254a7b294243ef2b00e79c0ab40ec626149149988fafa1f561d37b03c14f | - | ol10_x86_64_baseos_latest | |
| binutils-gold-2.41-58.0.1.el10_1.2.x86_64.rpm | f039254a7b294243ef2b00e79c0ab40ec626149149988fafa1f561d37b03c14f | - | ol10_x86_64_u1_baseos_patch | |
| binutils-gprofng-2.41-58.0.1.el10_1.2.x86_64.rpm | da9b88259cbf8b77739ebc8caddf0e8fa3371190e684124bc66243690f98772e | - | ol10_x86_64_addons | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
