17 Jan
2019
17 Jan
'19
11:44 p.m.
On Mon, Jan 14, 2019 at 10:38:22PM +0100, Simon Goldschmidt wrote:
This fixes CVE-2018-18439 ("insufficient boundary checks in network image boot") by using lmb to check for a valid range to store received blocks.
Signed-off-by: Simon Goldschmidt simon.k.r.goldschmidt@gmail.com Acked-by: Joe Hershberger joe.hershberger@ni.com
With some lib/Makefile tweaks for the odd SPL+network use cases: Applied to u-boot/master, thanks!
--
Tom