VYPR

rpm package

opensuse/u-boot-odroid-c4&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/u-boot-odroid-c4&distro=openSUSE%20Leap%2015.6

Vulnerabilities (2)

  • CVE-2024-57258HigFeb 18, 2025
    affected < 2021.10-150600.11.3.1fixed 2021.10-150600.11.3.1

    Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.

  • CVE-2024-57256HigFeb 18, 2025
    affected < 2021.10-150600.11.3.1fixed 2021.10-150600.11.3.1

    An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.