[PATCH 0/5] Filesystem memory corruption fixes
Sascha Hauer
s.hauer at pengutronix.de
Wed Feb 19 06:18:39 PST 2025
These are some fixes for memory corruptions that can occur on corrupted
or manipulated filesystems.
In case you use one of the affected filesystems in a secure boot chain
you should apply these patches.
Normally you shouldn't use a barebox filesystem in a secure boot chain,
but instead use FIT images on a raw partition. We never made this explicit
though. Ahmad has done this recently:
https://lore.kernel.org/barebox/20250217180949.3961860-3-a.fatoum@pengutronix.de/T/#u
I digged through the U-Boot code and there are a few CVE fixes in the
ext4 code that we'll likely need as well. But even with these applied
we don't consider the barebox filesystems as suitable for secure boot.
For those curious we consider adding support for dm-verity at some
point. This would allow us to remove the attack surface from the
filesystem implementations and we could also use bootspec rather than
signed FIT images.
Sascha
Sascha Hauer (5):
CVE-2025-26722: fs: squashfs: Ensure positive inode length
CVE-2025-26724: fs: cramfs: fix malloc(size + constant) buffer
overflow issues
CVE-2025-26723: fs: ext4: fix malloc(size + constant) buffer overflow
issues
CVE-2025-26725: fs: jffs2: fix malloc(size + constant) buffer overflow
issues
CVE-2025-26721: fs: pstore: fix malloc(size + constant) buffer
overflow issues
fs/cramfs/cramfs.c | 2 +-
fs/ext4/ext_barebox.c | 2 +-
fs/jffs2/malloc.c | 4 ++--
fs/jffs2/nodelist.h | 2 +-
fs/jffs2/readinode.c | 2 +-
fs/pstore/fs.c | 2 +-
fs/squashfs/symlink.c | 8 ++++++--
7 files changed, 13 insertions(+), 9 deletions(-)
--
2.39.5
More information about the barebox
mailing list