Vulnerabilidades en denx
7 resultadosCVE-2024-57256HIGHAn integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a craftedEPSS 0.4%CVE-2024-57259HIGHsqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory liEPSS 0.4%CVE-2024-57255HIGHAn integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of EPSS 0.4%CVE-2024-57254HIGHAn integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesyEPSS 0.4%CVE-2024-57257LOWA stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting.EPSS 0.3%CVE-2024-57258HIGHInteger overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, EPSS 0.2%CVE-2026-46728HIGHDas U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash.EPSS 0.1%