On 19.02.25 15:18, Sascha Hauer wrote:
> These are some fixes for memory corruptions that can occur on corrupted
> or manipulated filesystems.
>
> In case you use one of the affected filesystems in a secure boot chain
> you should apply these patches.
>
> Normally you shouldn't use a barebox filesystem in a secure boot chain,
> but instead use FIT images on a raw partition. We never made this explicit
> though. Ahmad has done this recently:
>
> https://lore.kernel.org/barebox/20250217180949.3961860-3-a.fatoum@xxxxxxxxxxxxxx/T/#u
>
> I dug through the U-Boot code and there are a few CVE fixes in the
> ext4 code that we'll likely need as well. But even with these applied
> we don't consider the barebox filesystems as suitable for secure boot.
>
> For those curious we consider adding support for dm-verity at some
> point. This would allow us to remove the attack surface from the
> filesystem implementations and we could also use bootspec rather than
> signed FIT images.
>
> Sascha
>
> Sascha Hauer (5):
>   CVE-2025-26722: fs: squashfs: Ensure positive inode length
>   CVE-2025-26724: fs: cramfs: fix malloc(size + constant) buffer
>     overflow issues
>   CVE-2025-26723: fs: ext4: fix malloc(size + constant) buffer overflow
>     issues
>   CVE-2025-26725: fs: jffs2: fix malloc(size + constant) buffer overflow
>     issues
>   CVE-2025-26721: fs: pstore: fix malloc(size + constant) buffer
>     overflow issues

I think the CVE id should better go into the commit message body
(maybe with a Fixes: before it) and not into the title.

Thanks,
Ahmad

>
>  fs/cramfs/cramfs.c    | 2 +-
>  fs/ext4/ext_barebox.c | 2 +-
>  fs/jffs2/malloc.c     | 4 ++--
>  fs/jffs2/nodelist.h   | 2 +-
>  fs/jffs2/readinode.c  | 2 +-
>  fs/pstore/fs.c        | 2 +-
>  fs/squashfs/symlink.c | 8 ++++++--
>  7 files changed, 13 insertions(+), 9 deletions(-)
>

--
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |