Ineffective fix of CVE-2019-14196

Ineffective fix of CVE-2019-14196

[zi0Black]

[-- Attachment #1.1.1: Type: text/plain, Size: 359 bytes --]

Hi to every one,

The current fix for the vulnerability identified via CVE-2019-14196 is not effective and a buffer overflow is still possible. Please refer to my comment posted on the commit (5d14ee4e53a81055d34ba280cb8fd90330f22a96) on github.

https://github.com/u-boot/u-boot/commit/5d14ee4e53a81055d34ba280cb8fd90330f22a96



Regards,

zi0Black

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 509 bytes --]

Re: Ineffective fix of CVE-2019-14196

[Tom Rini]

[-- Attachment #1: Type: text/plain, Size: 550 bytes --]

On Wed, May 11, 2022 at 08:25:37PM +0000, zi0Black wrote:

> Hi to every one,
> 
> The current fix for the vulnerability identified via CVE-2019-14196 is not effective and a buffer overflow is still possible. Please refer to my comment posted on the commit (5d14ee4e53a81055d34ba280cb8fd90330f22a96) on github.
> 
> https://github.com/u-boot/u-boot/commit/5d14ee4e53a81055d34ba280cb8fd90330f22a96

Interesting analysis.  I'm a bit disappointed they didn't report this
upstream themselves.  A patch would be appreciated, thanks.

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]