5 matches found
EUVD-2026-29347
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
CVE-2026-34963
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
Barebox 输入验证错误漏洞
Barebox is a versatile and flexible bootloader developed by Barebox Open Source. Versions of barebox prior to 2026.04.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows and unvalidated boundaries within the EFI PE loader, which could...