Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cb131317 by Salvatore Bonaccorso at 2025-02-18T08:00:48+01:00 Add new set of u-boot issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,29 @@ +CVE-2024-57259 [Heap corruption in U-Boot's SquashFS directory listing function] + - u-boot <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2 + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/048d795bb5b3d9c5701b4855f5e74bcf6849bf5e (v2025.01-rc1) +CVE-2024-57258 [Multiple integer overflows in U-Boot's memory allocator] + - u-boot <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2 + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/0a10b49206a29b4aa2f80233a3e53ca0466bb0b3 (v2025.01-rc1) + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/8642b2178d2c4002c99a0b69a845a48f2ae2706f (v2025.01-rc1) + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/c17b2a05dd50a3ba437e6373093a0d6a359cdee0 (v2025.01-rc1) +CVE-2024-57257 [Stack overflow in U-Boot's SquashFS symlink resolution function] + - u-boot <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2 + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/4f5cc096bfd0a591f8a11e86999e3d90a9484c34 (v2025.01-rc1) +CVE-2024-57256 [Integer overflow in U-Boot's ext4 symlink resolution function] + - u-boot <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2 + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/35f75d2a46e5859138c83a75cd2f4141c5479ab9 (v2025.01-rc1) +CVE-2024-57255 [Integer overflow in U-Boot's SquashFS symlink resolution function] + - u-boot <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2 + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/233945eba63e24061dffeeaeb7cd6fe985278356 (v2025.01-rc1) +CVE-2024-57254 [Integer overflow in U-Boot's SquashFS symlink size calculation function] + - u-boot <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2 + NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/c8e929e5758999933f9e905049ef2bf3fe6b140d (v2025.01-rc1) CVE-2024-57262 - barebox <itp> (bug #900958) CVE-2024-57261 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb1313173b16c2ad1ea00a941e8f82c65a990b7a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb1313173b16c2ad1ea00a941e8f82c65a990b7a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
