[U-Boot] [U-Boot, v10, 06/10] fs: prevent overwriting reserved memory

Tom Rini trini at konsulko.com
Thu Jan 17 22:44:35 UTC 2019


On Mon, Jan 14, 2019 at 10:38:19PM +0100, Simon Goldschmidt wrote:

> This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
> image load") by using lmb to check the load size of a file against
> reserved memory addresses.
> 
> Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt at gmail.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20190117/0bb565ce/attachment.sig>


More information about the U-Boot mailing list