Tag
#integer-overflow
Four Vulnerabilities in barebox: From DHCP Parsing to EFI PE Loading
Four CVEs across barebox's network stack, filesystem layer, and EFI loader: an unbounded DHCP option scan, two ext4 parsing flaws, and a PE virtual-size integer overflow.