CVE-2024-57259Off-by-one Error in U-boot

CWE-193Off-by-one Error6 documents6 sources
Severity
6.8MEDIUMNVD
EPSS
0.1%
top 79.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Denx U-bootDebian U-bootMsrc Azl3 Qemu 8.2.0-16 ON Azure Linux 3.0+1 more
Timeline
PublishedFeb 18
Latest updateFeb 23

Description

sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages6 packages

CVEListV5denx/u-boot< 2025.01-rc1
debiandebian/u-boot< u-boot 2023.01+dfsg-2+deb12u2 (bookworm)
Debiandenx/u-boot< 2021.01+dfsg-5+deb11u1+3
NVDdenx/u-boot2024.10

Patches

Patch: source.denx.de

🔴Vulnerability Details

2
GHSA
GHSA-c2cp-78ww-6jm8: sqfs_search_dir in Das U-Boot before 20252025-02-19
OSV
CVE-2024-57259: sqfs_search_dir in Das U-Boot before 20252025-02-18

📋Vendor Advisories

3
Ubuntu
U-Boot vulnerabilities2026-02-23
Microsoft
sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size2025-02-11
Debian
CVE-2024-57259: u-boot - sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error an...2024
CVE-2024-57259 — Off-by-one Error in Denx U-boot | cvebase