7 matches found
OESA-2025-1213 uboot-tools security update
This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: An integer overflow in sqfsinodesize in Das U-Boot before 2025.01-rc1 occurs in the symlink siz...
CVE-2024-57255
creationtimestamp| type| source ---|---|--- 2025-02-18 23:16:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3liifebi6ir27 2025-02-19 01:11:06+00:00| seen| https://t.me/cvedetector/18388 2025-02-19 02:11:35+00:00| seen|...
CVE-2024-57255
CVE-2024-57255 concerns Das U-Boot up to 2025.01-rc1, where an integer overflow in sqfs_resolve_symlink is triggered by a crafted squashfs with inode size 0xffffffff, causing a zero malloc and a memory overwrite. The linked sources confirm the affected component and root cause; remediation is a p...
CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...
CVE-2024-57255
An integer overflow in sqfsresolvesymlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...