Tag
#buffer-overflow
U-Boot TCP/NFS Vulnerabilities: Integer Underflow and Buffer Overflow in the World's Most Popular Bootloader
Three CVEs in U-Boot's network stack: a TCP integer underflow that corrupts packet processing and an NFS path overflow that escapes a 2048-byte buffer.
Four Vulnerabilities in barebox: From DHCP Parsing to EFI PE Loading
Four CVEs across barebox's network stack, filesystem layer, and EFI loader: an unbounded DHCP option scan, two ext4 parsing flaws, and a PE virtual-size integer overflow.