On 7 November 2018 at 11:51, Tom Rini <[email protected]> wrote: > From: Konrad Beckmann <[email protected]> > > A specially crafted FIT image makes it possible to overflow the stack > with controlled values when using the verified boot feature. Depending > on the memory layout, this could be used to overwrite configuration > variables on the heap and setting them to 0, e.g. disable signature > verification, thus bypassing it. > > This change fixes a bug in fdt_find_regions where the fdt structure is > parsed. A lower value than -1 of depth can lead to a buffer underflow > write on the stack. > > Signed-off-by: Konrad Beckmann <[email protected]> > --- > lib/libfdt/fdt_region.c | 3 +++ > 1 file changed, 3 insertions(+) >
Reviewed-by: Simon Glass <[email protected]> _______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
