Bug 2346481 - CVE-2024-57258 uboot-tools: Integer Overflow in Memory Allocation in Das U-Boot [epel-9]
Summary: CVE-2024-57258 uboot-tools: Integer Overflow in Memory Allocation in Das U-Bo...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: uboot-tools
Version: epel9
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
Assignee: Dan Horák
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: {"flaws": ["f24f2152-3a23-40b9-8bc2-8...
Depends On:
Blocks: CVE-2024-57258
TreeView+ depends on / blocked
 
Reported: 2025-02-19 08:11 UTC by Michal Findra
Modified: 2025-03-01 18:38 UTC (History)
7 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2025-03-01 18:38:39 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Michal Findra 2025-02-19 08:11:08 UTC
More information about this security flaw is available in the following bug:

https://bugzilla.redhat.com/show_bug.cgi?id=2346425

Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

Comment 1 Peter Robinson 2025-03-01 18:38:39 UTC
Fedora doesn't enable squashfs in any of our shipped firmware, we also don't ship x86 firmware at all and it looks like this depends on x86 specific instructions.


Note You need to log in before you can comment on or make changes to this bug.