git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
u-boot: Fix CVE-2022-30767
author Carlos Dominguez <carlos.dominguez@windriver.com>
Wed, 19 Feb 2025 08:18:12 +0000 (16:18 +0800)
committer Steve Sakoman <steve@sakoman.com>
Wed, 19 Feb 2025 15:05:14 +0000 (07:05 -0800)
commit b7072637ba110718714745a01d67e1b6b0096165
tree 3a29d685079d3f7db4cb50c288f1da5718071b02
parent 573f5b2d8fec9f8a4ed17e836ef3feeb6de62e5a
u-boot: Fix CVE-2022-30767

This patch mitigates the vulnerability identified via CVE-2019-14196.
The previous patch was bypassed/ineffective, and now the vulnerability
is identified via CVE-2022-30767. The patch removes the sanity check
introduced to mitigate CVE-2019-14196 since it's ineffective.
filefh3_length is changed to unsigned type integer, preventing negative
numbers from being used during comparison with positive values during
size sanity checks.

Signed-off-by: Carlos Dominguez <carlos.dominguez@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-bsp/u-boot/files/0001-CVE-2022-30767.patch [new file with mode: 0644]
meta/recipes-bsp/u-boot/u-boot_2022.01.bb
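
The signed-versus-unsigned size check the commit message describes, as an added example that is not code from U-Boot or from this commit. It assumes the length is a 32-bit field read from a received reply; FH_MAX, the function names and the sample replies are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FH_MAX 64 /* assumed handle buffer size, not taken from the page */

/* Constructed replies: 32-bit big-endian length, then handle bytes. */
static const unsigned char reply_ok[12]  = {0, 0, 0, 8, 1, 2, 3, 4, 5, 6, 7, 8};
static const unsigned char reply_bad[12] = {0xff, 0xff, 0xff, 0xf0, 1, 2, 3, 4, 5, 6, 7, 8};

static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Signed length: a wire value with the top bit set becomes negative, and a
 * negative value is never greater than FH_MAX, so the upper-bound check lets
 * it through. Returns 1 if the check accepts; no copy is performed here. */
int signed_check_accepts(const unsigned char *pkt)
{
    int32_t len = (int32_t)be32(pkt);
    return !(len > FH_MAX);
}

/* Unsigned length: the same wire value is a large positive number and is
 * rejected. The length is also bounded by the bytes actually received.
 * Returns the number of bytes copied, or -1 if the reply is rejected. */
int copy_handle(unsigned char dst[FH_MAX], const unsigned char *pkt, size_t pkt_len)
{
    uint32_t len;
    if (pkt_len < 4)
        return -1;
    len = be32(pkt);
    if (len > FH_MAX || len > pkt_len - 4)
        return -1;
    memcpy(dst, pkt + 4, len);
    return (int)len;
}

int main(void)
{
    unsigned char fh[FH_MAX];
    printf("signed check accepts bad length: %d\n", signed_check_accepts(reply_bad));
    printf("unsigned copy of bad reply: %d\n", copy_handle(fh, reply_bad, sizeof reply_bad));
    printf("unsigned copy of good reply: %d\n", copy_handle(fh, reply_ok, sizeof reply_ok));
    return 0;
}
```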