From mboxrd@z Thu Jan 1 00:00:00 1970
From: Tom Rini
Date: Mon, 14 Jan 2019 17:54:55 -0500
Subject: [U-Boot] [PATCH v10 00/10] Fix CVE-2018-18440 and CVE-2018-18439
In-Reply-To: <20190114213823.32486-1-simon.k.r.goldschmidt@gmail.com>
References: <20190114213823.32486-1-simon.k.r.goldschmidt@gmail.com>
Message-ID: <20190114225455.GU5463@bill-the-cat>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: u-boot@lists.denx.de

On Mon, Jan 14, 2019 at 10:38:13PM +0100, Simon Goldschmidt wrote:

> This series fixes CVE-2018-18440 ("insufficient boundary checks in
> filesystem image load") by adding restrictions to the 'load'
> command and fixes CVE-2018-18439 ("insufficient boundary checks in
> network image boot") by adding restrictions to the tftp code.
> The functions from lmb.c are used to setup regions of allowed and
> reserved memory. Then, the file size to load is checked against these
> addresses and loading the file is aborted if it would overwrite
> reserved memory.
>
> The memory reservation code is reused from bootm/image.
> Changes in v10:
> - added acked-by and reviewed-by tags

Note that patchwork collects these automatically and we don't need to
re-post things just for tags. Was anything else changed? Thanks!

-- 
Tom
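
The check described in the quoted cover letter (compare the load target against allowed and reserved memory, abort on overlap), as an added example that is not part of the original message and is not U-Boot's lmb.c code. `struct region`, `load_allowed` and the sample memory map are hypothetical names and constructed values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model of a memory map; not U-Boot's lmb structures. */
struct region { uint64_t base, size; };

/* Constructed sample map: 256 MiB of RAM with two reserved areas. */
static const struct region sample_ram = { 0x80000000ULL, 0x10000000ULL };
static const struct region sample_reserved[] = {
    { 0x8ff00000ULL, 0x00100000ULL },   /* relocated bootloader, stack */
    { 0x88000000ULL, 0x00010000ULL },   /* device tree blob */
};

/* True if [base, base+size) is non-empty and does not wrap around. */
static bool region_valid(const struct region *r)
{
    return r->size != 0 && r->base <= UINT64_MAX - (r->size - 1);
}

/* Address of the last byte covered by a valid region. */
static uint64_t region_last(const struct region *r)
{
    return r->base + (r->size - 1);
}

/* May `size` bytes be written at `addr`? The target must lie wholly inside
 * `ram` and must not overlap any entry of `reserved`. */
bool load_allowed(const struct region *ram, const struct region *reserved,
                  size_t n_reserved, uint64_t addr, uint64_t size)
{
    struct region want = { addr, size };

    if (!region_valid(ram) || !region_valid(&want))
        return false;                /* empty or wrapping range */
    if (want.base < ram->base || region_last(&want) > region_last(ram))
        return false;                /* not fully inside usable RAM */
    for (size_t i = 0; i < n_reserved; i++) {
        if (!region_valid(&reserved[i]))
            return false;            /* malformed map: fail closed */
        if (want.base <= region_last(&reserved[i]) &&
            reserved[i].base <= region_last(&want))
            return false;            /* would overwrite reserved memory */
    }
    return true;
}
```

The size passed to such a check has to be the size that will actually be written (file size from the filesystem, or the running total of received TFTP blocks), not a caller-supplied estimate.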