From ffb987f01542bc03f519af97a0ccc36ef2d7f300 Mon Sep 17 00:00:00 2001
From: Azure Linux Security Servicing Account
 <azurelinux-security@microsoft.com>
Date: Tue, 19 May 2026 07:05:38 +0000
Subject: [PATCH 1/2] Patch binutils for CVE-2025-3198

---
 SPECS/binutils/CVE-2025-3198.patch            | 29 +++++++++++++++++++
 SPECS/binutils/binutils.spec                  |  6 +++-
 .../manifests/package/pkggen_core_aarch64.txt |  4 +--
 .../manifests/package/pkggen_core_x86_64.txt  |  4 +--
 .../manifests/package/toolchain_aarch64.txt   |  6 ++--
 .../manifests/package/toolchain_x86_64.txt    | 10 +++----
 6 files changed, 46 insertions(+), 13 deletions(-)
 create mode 100644 SPECS/binutils/CVE-2025-3198.patch

diff --git a/SPECS/binutils/CVE-2025-3198.patch b/SPECS/binutils/CVE-2025-3198.patch
new file mode 100644
index 00000000000..1a32f644a12
--- /dev/null
+++ b/SPECS/binutils/CVE-2025-3198.patch
@@ -0,0 +1,29 @@
+From b61302d3462b829c85cf2ffa3ee1c4ddad79ab8b Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Wed, 19 Feb 2025 07:58:54 +1030
+Subject: [PATCH] PR32716, objdump -i memory leak
+
+	PR binutils/32716
+	* bucomm.c (display_info): Free arg.info.
+
+Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
+Upstream-reference: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d;a=patch;
+---
+ binutils-2.41/binutils/bucomm.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/binutils-2.41/binutils/bucomm.c b/binutils-2.41/binutils/bucomm.c
+index c268fd3d..b40447c7 100644
+--- a/binutils-2.41/binutils/bucomm.c
++++ b/binutils-2.41/binutils/bucomm.c
+@@ -435,6 +435,7 @@ display_info (void)
+   if (!arg.error)
+     display_target_tables (&arg);
+ 
++  free (arg.info);
+   return arg.error;
+ }
+ 
+-- 
+2.45.4
+
diff --git a/SPECS/binutils/binutils.spec b/SPECS/binutils/binutils.spec
index f2c307f6c1a..f3a0bdd4879 100644
--- a/SPECS/binutils/binutils.spec
+++ b/SPECS/binutils/binutils.spec
@@ -21,7 +21,7 @@
 Summary:        Contains a linker, an assembler, and other tools
 Name:           binutils
 Version:        2.41
-Release:        12%{?dist}
+Release:        13%{?dist}
 License:        GPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -57,6 +57,7 @@ Patch23:        CVE-2025-11839.patch
 Patch24:        CVE-2025-69647.patch
 Patch25:        CVE-2026-4647.patch
 Patch26:        CVE-2026-6846.patch
+Patch27:        CVE-2025-3198.patch
 Provides:       bundled(libiberty)
 
 # Moving macro before the "SourceX" tags breaks PR checks parsing the specs.
@@ -346,6 +347,9 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %do_files aarch64-linux-gnu %{build_aarch64}
 
 %changelog
+* Tue May 19 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.41-13
+- Patch for CVE-2025-3198
+
 * Mon May 04 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.41-12
 - Patch for CVE-2026-6846
 
diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
index ba557f57e4b..945a1e2715c 100644
--- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
+++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt
@@ -13,8 +13,8 @@ zlib-devel-1.3.2-1.azl3.aarch64.rpm
 file-5.45-1.azl3.aarch64.rpm
 file-devel-5.45-1.azl3.aarch64.rpm
 file-libs-5.45-1.azl3.aarch64.rpm
-binutils-2.41-12.azl3.aarch64.rpm
-binutils-devel-2.41-12.azl3.aarch64.rpm
+binutils-2.41-13.azl3.aarch64.rpm
+binutils-devel-2.41-13.azl3.aarch64.rpm
 gmp-6.3.0-1.azl3.aarch64.rpm
 gmp-devel-6.3.0-1.azl3.aarch64.rpm
 mpfr-4.2.1-1.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
index 0016d7f983d..bef98ecde95 100644
--- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
+++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt
@@ -13,8 +13,8 @@ zlib-devel-1.3.2-1.azl3.x86_64.rpm
 file-5.45-1.azl3.x86_64.rpm
 file-devel-5.45-1.azl3.x86_64.rpm
 file-libs-5.45-1.azl3.x86_64.rpm
-binutils-2.41-12.azl3.x86_64.rpm
-binutils-devel-2.41-12.azl3.x86_64.rpm
+binutils-2.41-13.azl3.x86_64.rpm
+binutils-devel-2.41-13.azl3.x86_64.rpm
 gmp-6.3.0-1.azl3.x86_64.rpm
 gmp-devel-6.3.0-1.azl3.x86_64.rpm
 mpfr-4.2.1-1.azl3.x86_64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt
index edd476ee940..aa82bc69445 100644
--- a/toolkit/resources/manifests/package/toolchain_aarch64.txt
+++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -30,9 +30,9 @@ bash-5.2.15-3.azl3.aarch64.rpm
 bash-debuginfo-5.2.15-3.azl3.aarch64.rpm
 bash-devel-5.2.15-3.azl3.aarch64.rpm
 bash-lang-5.2.15-3.azl3.aarch64.rpm
-binutils-2.41-12.azl3.aarch64.rpm
-binutils-debuginfo-2.41-12.azl3.aarch64.rpm
-binutils-devel-2.41-12.azl3.aarch64.rpm
+binutils-2.41-13.azl3.aarch64.rpm
+binutils-debuginfo-2.41-13.azl3.aarch64.rpm
+binutils-devel-2.41-13.azl3.aarch64.rpm
 bison-3.8.2-1.azl3.aarch64.rpm
 bison-debuginfo-3.8.2-1.azl3.aarch64.rpm
 bzip2-1.0.8-1.azl3.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
index e7f71e1b396..077679cd527 100644
--- a/toolkit/resources/manifests/package/toolchain_x86_64.txt
+++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -32,10 +32,10 @@ bash-5.2.15-3.azl3.x86_64.rpm
 bash-debuginfo-5.2.15-3.azl3.x86_64.rpm
 bash-devel-5.2.15-3.azl3.x86_64.rpm
 bash-lang-5.2.15-3.azl3.x86_64.rpm
-binutils-2.41-12.azl3.x86_64.rpm
-binutils-aarch64-linux-gnu-2.41-12.azl3.x86_64.rpm
-binutils-debuginfo-2.41-12.azl3.x86_64.rpm
-binutils-devel-2.41-12.azl3.x86_64.rpm
+binutils-2.41-13.azl3.x86_64.rpm
+binutils-aarch64-linux-gnu-2.41-13.azl3.x86_64.rpm
+binutils-debuginfo-2.41-13.azl3.x86_64.rpm
+binutils-devel-2.41-13.azl3.x86_64.rpm
 bison-3.8.2-1.azl3.x86_64.rpm
 bison-debuginfo-3.8.2-1.azl3.x86_64.rpm
 bzip2-1.0.8-1.azl3.x86_64.rpm
@@ -70,7 +70,7 @@ cracklib-lang-2.9.11-1.azl3.x86_64.rpm
 createrepo_c-1.0.3-1.azl3.x86_64.rpm
 createrepo_c-debuginfo-1.0.3-1.azl3.x86_64.rpm
 createrepo_c-devel-1.0.3-1.azl3.x86_64.rpm
-cross-binutils-common-2.41-12.azl3.noarch.rpm
+cross-binutils-common-2.41-13.azl3.noarch.rpm
 cross-gcc-common-13.2.0-7.azl3.noarch.rpm
 curl-8.11.1-6.azl3.x86_64.rpm
 curl-debuginfo-8.11.1-6.azl3.x86_64.rpm

From e67471c20a93307369c57ed66c3959adb3fa76c5 Mon Sep 17 00:00:00 2001
From: Akarsh Chaudhary <v-akarshc@microsoft.com>
Date: Tue, 19 May 2026 09:53:02 +0000
Subject: [PATCH 2/2] Updating patch to fix failing build.

---
 SPECS/binutils/CVE-2025-3198.patch | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/SPECS/binutils/CVE-2025-3198.patch b/SPECS/binutils/CVE-2025-3198.patch
index 1a32f644a12..641ed691461 100644
--- a/SPECS/binutils/CVE-2025-3198.patch
+++ b/SPECS/binutils/CVE-2025-3198.patch
@@ -9,13 +9,13 @@ Subject: [PATCH] PR32716, objdump -i memory leak
 Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
 Upstream-reference: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d;a=patch;
 ---
- binutils-2.41/binutils/bucomm.c | 1 +
+ binutils/bucomm.c | 1 +
  1 file changed, 1 insertion(+)
 
-diff --git a/binutils-2.41/binutils/bucomm.c b/binutils-2.41/binutils/bucomm.c
+diff --git a/binutils/bucomm.c b/binutils/bucomm.c
 index c268fd3d..b40447c7 100644
---- a/binutils-2.41/binutils/bucomm.c
-+++ b/binutils-2.41/binutils/bucomm.c
+--- a/binutils/bucomm.c
++++ b/binutils/bucomm.c
 @@ -435,6 +435,7 @@ display_info (void)
    if (!arg.error)
      display_target_tables (&arg);