VYPR

rpm package

suse/u-boot-rpiarm64&distro=SUSE Linux Enterprise Micro 5.4

pkg:rpm/suse/u-boot-rpiarm64&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Vulnerabilities (2)

  • CVE-2024-57258HigFeb 18, 2025
    affected < 2021.10-150400.4.14.1fixed 2021.10-150400.4.14.1

    Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.

  • CVE-2024-57256HigFeb 18, 2025
    affected < 2021.10-150400.4.14.1fixed 2021.10-150400.4.14.1

    An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.