Hi all,

for entirely unrelated reasons I came across CVE-2023-39902:

> A software vulnerability has been identified in the U-Boot Secondary Program
> Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. Under
> certain conditions, a crafted Flattened Image Tree (FIT) format structure
> can be used to overwrite SPL memory, allowing unauthenticated software to
> execute on the target, leading to privilege escalation.

This links to https://community.nxp.com/t5/i-MX-Security/U-Boot-Secondary-Program-Loader-Authentication-Vulnerability-CVE/ta-p/1736196, which links 4 patches. The relevant one seems to me https://github.com/nxp-imx/uboot-imx/commit/0746cfd931de8f7591d263ff60dd806ffe23c093, and for my limited understanding the actual fix is the first hunk.

A similar change has been made in 6039e0edc8540bd2a ("imx: hab: Simplify the mechanism"), so I wonder if this is just an unnoticed instance of the very same bug?

Opinions?

Regards,

Eike

--
Rolf Eike Beer

emlix GmbH
Headquarters: Berliner Str. 12, 37073 Göttingen, Germany
Phone +49 (0)551 30664-0, e-mail [email protected]
District Court of Göttingen, Registry Number HR B 3160
Managing Directors: Heike Jordan, Dr. Uwe Kracke
VAT ID No. DE 205 198 055
Office Berlin: Panoramastr. 1, 10178 Berlin, Germany
Office Bonn: Bachstr. 6, 53115 Bonn, Germany
http://www.emlix.com

emlix - your embedded Linux partner

