[ubuntu/jammy-updates] u-boot 2022.01+dfsg-2ubuntu2.7 (Accepted)

[Ubuntu Archive Robot]

u-boot (2022.01+dfsg-2ubuntu2.7) jammy-security; urgency=medium

  * SECURITY UPDATE: Integer overflow in sqfs_inode_size
    - debian/patches/CVE-2024-57254.patch: check for overflow in
      fs/squashfs/sqfs_inode.c.
    - CVE-2024-57254
  * SECURITY UPDATE: Integer overflow in sqfs_resolve_symlink
    - debian/patches/CVE-2024-57255.patch: check for overflow in
      fs/squashfs/sqfs.c.
    - CVE-2024-57255
  * SECURITY UPDATE: Integer overflow in ext4fs_read_symlink
    - debian/patches/CVE-2024-57256.patch: check for overflow in
      fs/ext4/ext4_common.c.
    - CVE-2024-57256
  * SECURITY UPDATE: Stack consumption issue in sqfs_size
    - debian/patches/CVE-2024-57257.patch: limit nesting levels in
      fs/squashfs/sqfs.c.
    - CVE-2024-57257
  * SECURITY UPDATE: Integer overflows in memory allocation
    - debian/patches/CVE-2024-57258-1.patch: fix ptrdiff_t in
      arch/x86/include/asm/posix_types.h.
    - debian/patches/CVE-2024-57258-2.patch: fix overflow check in
      common/dlmalloc.c.
    - debian/patches/CVE-2024-57258-3.patch: make sure that the new break
      is within mem_malloc_start and mem_malloc_end before making progress
      in common/dlmalloc.c.
    - CVE-2024-57258
  * SECURITY UPDATE: Heap memory corruption in sqfs_search_dir
    - debian/patches/CVE-2024-57259.patch: fix off-by-one in
      fs/squashfs/sqfs.c.
    - CVE-2024-57259

Date: 2026-02-11 19:42:10.465842+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/u-boot/2022.01+dfsg-2ubuntu2.7
-------------- next part --------------
Sorry, changesfile not available.