VYPR
High severity7.1NVD Advisory· Published Feb 18, 2025· Updated May 12, 2026

CVE-2024-57256

CVE-2024-57256

Description

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

53

Patches

Vulnerability mechanics

References

4

News mentions

1