Package "u-boot"
| Name: |
u-boot
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- A boot loader for qemu
- companion tools for Das U-Boot bootloader
|
| Latest version: |
2025.10-0ubuntu0.24.04.2 |
| Release: |
noble (24.04) |
| Level: |
security |
| Repository: |
main |
Links
Other versions of "u-boot" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
|
u-boot (2025.10-0ubuntu0.24.04.2) noble-security; urgency=medium
* No-change rebuild into -security pocket.
- CVE-2024-57254, CVE-2024-57255, CVE-2024-57256, CVE-2024-57257,
CVE-2024-57258, CVE-2024-57259
-- Marc Deslauriers <email address hidden> Wed, 11 Feb 2026 13:04:28 -0500
|
| CVE-2024-57254 |
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem. |
| CVE-2024-57255 |
An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xfffffff |
| CVE-2024-57256 |
An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 fil |
| CVE-2024-57257 |
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting. |
| CVE-2024-57258 |
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or becaus |
| CVE-2024-57259 |
sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing bec |
|
About
-
Send Feedback to @ubuntu_updates
