1
0
mirror of https://xff.cz/git/u-boot/ synced 2025-09-03 09:42:22 +02:00
Files
u-boot-megous/net
Andrea zi0Black Cappa bdbf7a05e2 net: nfs: Fix CVE-2022-30767 (old CVE-2019-14196)
This patch mitigates the vulnerability identified via CVE-2019-14196.

The previous patch was bypassed/ineffective, and now the vulnerability
is identified via CVE-2022-30767. The patch removes the sanity check
introduced to mitigate CVE-2019-14196 since it's ineffective.
filefh3_length is changed to unsigned type integer, preventing negative
numbers from being used during comparison with positive values during
size sanity checks.

Signed-off-by: Andrea zi0Black Cappa <zi0Black@protonmail.com>
2022-05-26 10:32:06 -04:00
..
2020-06-12 13:17:23 -04:00
2022-01-19 18:11:34 +01:00
2022-04-22 15:44:10 -04:00
2019-09-04 11:37:19 -05:00
2020-09-30 16:55:03 -04:00
2018-07-02 14:14:20 -05:00