Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite, a related issue to CVE-2024-57256.
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
Barebox 安全漏洞
Vulnerability Description
Barebox是Barebox开源的一个多功能且灵活的引导加载程序。 Barebox 2025.01.0之前版本存在安全漏洞,该漏洞源于ext4fs_read_symlink存在整数溢出,导致内存覆盖。
CVSS Information
N/A
Vulnerability Type
N/A