16 Feb
2021
16 Feb
'21
4:35 a.m.
On Mon, Feb 15, 2021 at 05:08:05PM -0700, Simon Glass wrote:
At present fdt_find_regions() assumes that the FIT is a valid devicetree. If the FIT has two root nodes this is currently not detected in this function, nor does libfdt's fdt_check_full() notice. Also it is possible for the root node to have a name even though it should not.
Add checks for these and return -FDT_ERR_BADSTRUCTURE if a problem is detected.
CVE-2021-27097
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Bruce Monroe bruce.monroe@intel.com Reported-by: Arie Haenel arie.haenel@intel.com Reported-by: Julien Lenoir julien.lenoir@intel.com
Applied to u-boot/master, thanks!
--
Tom