CVE-2024-57262 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode…
High CVSS: 7.1

CVE-2024-57262

In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256.
Vendor
-
Product
-
CWE
CWE-190
Yayın Tarihi
2025-02-19 02:15:08
Güncelleme
2025-02-19 02:15:08
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-190 HIGH 2025

Referanslar

https://git.pengutronix.de/cgit/barebox/commit/?id=a2b76550f7d8 https://git.pengutronix.de/cgit/barebox/commit/?id=a2b76550f7d87ba6f88a9ea50e71f107b514ff4e