[PATCH 0/2] efi_loader: fix efi_sigstore_parse_siglist
Heinrich Schuchardt
heinrich.schuchardt at canonical.com
Tue Jun 30 00:52:16 CEST 2026
In efi_sigstore_parse_siglist() sigdata is allocated. But instead of an
allocation matching the size of sigdata, tainted external data was used
to calculate the allocation size. This may lead to buffer overflows.
Correct the allocation.
When malloc() fails for sig_data->data, sig_data is leaked.
Free sig_data before jumping to the error path.
Heinrich Schuchardt (2):
efi_loader: fix buffer overrun in efi_sigstore_parse_siglist
efi_loader: fix memory lead in efi_sigstore_parse_siglist
lib/efi_loader/efi_signature.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.53.0
More information about the U-Boot
mailing list