summaryrefslogtreecommitdiffstats
path: root/scripts/lib/devtool/utilcmds.py
diff options
context:
space:
mode:
authorHongxu Jia <hongxu.jia@windriver.com>2025-02-19 15:04:35 +0800
committerSteve Sakoman <steve@sakoman.com>2025-02-28 06:45:14 -0800
commit35f98c1ff33a18315fed1d649ce3982fb18c9d2c (patch)
treea143ea4de9cad10f991d9f1fd1757a131290211b /scripts/lib/devtool/utilcmds.py
parent618c5fdb1461891a812bce5131339873a96b12fe (diff)
downloadpoky-35f98c1ff33a18315fed1d649ce3982fb18c9d2c.tar.gz
u-boot: fix CVE-2024-57256
An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. https://nvd.nist.gov/vuln/detail/CVE-2024-57256 (From OE-Core rev: 21e6ac6e53112b9dddc5a84f27be5851469b9c46) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'scripts/lib/devtool/utilcmds.py')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-28 20:29:00 +0000