From: Rolf Eike Beer <eb@emlix.com>
To: u-boot@lists.denx.de
Subject: Was plain U-Boot affected by CVE-2023-39902?
Date: Thu, 19 Jun 2025 09:35:25 +0200
Message-ID: <5896532.DvuYhMxLoT@devpool92.emlix.com>

Hi all,
for entirely unrelated reasons I came across CVE-2023-39902:
> A software vulnerability has been identified in the U-Boot Secondary Program
> Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. Under
> certain conditions, a crafted Flattened Image Tree (FIT) format structure
> can be used to overwrite SPL memory, allowing unauthenticated software to
> execute on the target, leading to privilege escalation.
This links to https://community.nxp.com/t5/i-MX-Security/U-Boot-Secondary-Program-Loader-Authentication-Vulnerability-CVE/ta-p/1736196, which links 4
patches. The relevant one seems to me to be
https://github.com/nxp-imx/uboot-imx/commit/0746cfd931de8f7591d263ff60dd806ffe23c093,
and to my limited understanding the actual fix is the first hunk.
A similar change has been made in 6039e0edc8540bd2a ("imx: hab: Simplify the
mechanism"), so I wonder if this is just an unnoticed instance of the very
same bug?
Opinions?
Regards,
Eike
--
Rolf Eike Beer
emlix GmbH
Headquarters: Berliner Str. 12, 37073 Göttingen, Germany
Phone +49 (0)551 30664-0, e-mail info@emlix.com
District Court of Göttingen, Registry Number HR B 3160
Managing Directors: Heike Jordan, Dr. Uwe Kracke
VAT ID No. DE 205 198 055
Office Berlin: Panoramastr. 1, 10178 Berlin, Germany
Office Bonn: Bachstr. 6, 53115 Bonn, Germany
http://www.emlix.com
emlix - your embedded Linux partner