[PATCH] fs: fat: Perform sanity checks on getsize in get_fatent()
Tom Rini
trini at konsulko.com
Fri Dec 12 18:44:17 CET 2025
On Tue, 09 Dec 2025 15:23:01 -0600, Tom Rini wrote:
> We do not perform a check on the value of getsize in get_fatent to
> ensure that it will fit within the allocated buffer. For safety's sake,
> add a check now and if the value exceeds FATBUFBLOCKS use that value
> instead. While not currently actively exploitable, it was in the past so
> adding this check is worthwhile.
>
> This addresses CVE-2025-24857 and was originally reported by Harvey
> Phillips of Amazon Element55.
>
> [...]
Applied to u-boot/master, thanks!
[1/1] fs: fat: Perform sanity checks on getsize in get_fatent()
commit: 87d85139a96a39429120cca838e739408ef971a2
--
Tom