[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for u-boot issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 18 12:03:35 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e6c25704 by Salvatore Bonaccorso at 2025-02-18T13:02:58+01:00
Add Debian bug reference for u-boot issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -133,29 +133,29 @@ CVE-2024-11376 (The s2Member \u2013 Excellent for All Kinds of Memberships, Cont
CVE-2021-46686 (Improper neutralization of special elements used in an OS command ('OS ...)
NOT-FOR-US: acmailer CGI
CVE-2024-57259 [Heap corruption in U-Boot's SquashFS directory listing function]
- - u-boot <unfixed>
+ - u-boot <unfixed> (bug #1098254)
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/048d795bb5b3d9c5701b4855f5e74bcf6849bf5e (v2025.01-rc1)
CVE-2024-57258 [Multiple integer overflows in U-Boot's memory allocator]
- - u-boot <unfixed>
+ - u-boot <unfixed> (bug #1098254)
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/0a10b49206a29b4aa2f80233a3e53ca0466bb0b3 (v2025.01-rc1)
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/8642b2178d2c4002c99a0b69a845a48f2ae2706f (v2025.01-rc1)
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/c17b2a05dd50a3ba437e6373093a0d6a359cdee0 (v2025.01-rc1)
CVE-2024-57257 [Stack overflow in U-Boot's SquashFS symlink resolution function]
- - u-boot <unfixed>
+ - u-boot <unfixed> (bug #1098254)
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/4f5cc096bfd0a591f8a11e86999e3d90a9484c34 (v2025.01-rc1)
CVE-2024-57256 [Integer overflow in U-Boot's ext4 symlink resolution function]
- - u-boot <unfixed>
+ - u-boot <unfixed> (bug #1098254)
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/35f75d2a46e5859138c83a75cd2f4141c5479ab9 (v2025.01-rc1)
CVE-2024-57255 [Integer overflow in U-Boot's SquashFS symlink resolution function]
- - u-boot <unfixed>
+ - u-boot <unfixed> (bug #1098254)
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/233945eba63e24061dffeeaeb7cd6fe985278356 (v2025.01-rc1)
CVE-2024-57254 [Integer overflow in U-Boot's SquashFS symlink size calculation function]
- - u-boot <unfixed>
+ - u-boot <unfixed> (bug #1098254)
NOTE: https://www.openwall.com/lists/oss-security/2025/02/17/2
NOTE: Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/c8e929e5758999933f9e905049ef2bf3fe6b140d (v2025.01-rc1)
CVE-2024-57262
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6c257040c317fdfd103f8d0f1eaff4803902726
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6c257040c317fdfd103f8d0f1eaff4803902726
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250218/2f956a61/attachment.htm>
More information about the debian-security-tracker-commits
mailing list