On Wed, Nov 07, 2018 at 02:51:46PM -0500, Tom Rini wrote: > From: Konrad Beckmann <[email protected]> > > A specially crafted FIT image makes it possible to overflow the stack > with controlled values when using the verified boot feature. Depending > on the memory layout, this could be used to overwrite configuration > variables on the heap and setting them to 0, e.g. disable signature > verification, thus bypassing it. > > This change fixes a bug in fdt_find_regions where the fdt structure is > parsed. A lower value than -1 of depth can lead to a buffer underflow > write on the stack. > > Signed-off-by: Konrad Beckmann <[email protected]> > Reviewed-by: Simon Glass <[email protected]>
Applied to u-boot/master, thanks! -- Tom
signature.asc
Description: PGP signature
_______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
