CVE-2024-57256

NameCVE-2024-57256
DescriptionAn integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-4150-1
Debian Bugs1098254

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
u-boot (PTS)bullseye2021.01+dfsg-5vulnerable
bullseye (security)2021.01+dfsg-5+deb11u2fixed
bookworm2023.01+dfsg-2+deb12u1vulnerable
forky, sid, trixie2025.01-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
u-bootsourcebullseye2021.01+dfsg-5+deb11u1DLA-4150-1
u-bootsource(unstable)2025.01-11098254

Notes

[bookworm] - u-boot <no-dsa> (Minor issue)
https://www.openwall.com/lists/oss-security/2025/02/17/2
Fixed by: https://source.denx.de/u-boot/u-boot/-/commit/35f75d2a46e5859138c83a75cd2f4141c5479ab9 (v2025.01-rc1)
Search for package or bug name: Reporting problems