[PATCH v2 4/4] squashfs: Fix stack overflow while symlink resolving
Miquel Raynal
miquel.raynal at bootlin.com
Mon Aug 12 09:51:39 CEST 2024
Hi Richard,
richard at nod.at wrote on Fri, 2 Aug 2024 18:36:47 +0200:
> The squashfs driver blindly follows symlinks, and calls sqfs_size()
> recursively. So an attacker can create a crafted filesystem and with
> a deep enough nesting level a stack overflow can be achieved.
>
> Fix by limiting the nesting level to 8.
>
> Signed-off-by: Richard Weinberger <richard at nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal at bootlin.com>
Thanks,
Miquèl
More information about the U-Boot
mailing list