VYPR

rpm package

suse/u-boot-rpiarm64&distro=SUSE Linux Micro 6.0

pkg:rpm/suse/u-boot-rpiarm64&distro=SUSE%20Linux%20Micro%206.0

Vulnerabilities (2)

  • CVE-2024-57258HigFeb 18, 2025
    affected < 2023.04-2.1fixed 2023.04-2.1

    Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.

  • CVE-2024-57256HigFeb 18, 2025
    affected < 2023.04-2.1fixed 2023.04-2.1

    An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.