6 matches found
EUVD-2025-4755
Malicious code in bioql PyPI...
CVE-2024-57262
In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...
CVE-2024-57261
In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258...
CVE-2024-57262
CVE-2024-57262 affects barebox prior to 2025.01.0. The flaw is in ext4fs_read_symlink, where a zalloc overflow (adding one to an le32) on a crafted ext4 filesystem with inode size 0xffffffff causes a malloc(0) and a subsequent memory overwrite. This yields a high-severity impact (memory corruptio...
CVE-2024-57261
In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258...
CVE-2024-57262
In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256...