dgit.raspbian.org Git - u-boot.git/commit

author	Simon Glass <sjg@chromium.org>
	Tue, 16 Feb 2021 00:08:12 +0000 (17:08 -0700)
committer	Daniel Leidert <dleidert@debian.org>
	Sun, 29 Jun 2025 00:33:57 +0000 (02:33 +0200)
commit	8d4681a526451a22408548bb8fcd2f80b74195a6
tree	24c88aa87d0907f34ed186d2ffaf37a3c3cfadc5	tree \| snapshot
parent	4cb4b9fea3e1824643542a4ffea9e29524dd7fb7	commit \| diff

[PATCH] image: Check for unit addresses in FITs

Using unit addresses in a FIT is a security risk. Add a check for this
and disallow it.

CVE-2021-27138

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Bruce Monroe <bruce.monroe@intel.com>
Reported-by: Arie Haenel <arie.haenel@intel.com>
Reported-by: Julien Lenoir <julien.lenoir@intel.com>
The test part has not been patched. It would require these patches as well:
https://github.com/u-boot/u-boot/commit/fafafacb470b345f2f41b86e4633ef91a7c5ed23
https://github.com/u-boot/u-boot/commit/d5f3aadacbc63df3b690d6fd9f0aa3f575b43356

Also, remove the broken test in test/image/test-imagetools.sh
(thanks to jspricke for the hint):
https://salsa.debian.org/debian/u-boot/-/blob/debian/latest/debian/patches/disable-fit-image-tests?ref_type=heads
https://lists.denx.de/pipermail/u-boot/2021-March/445431.html

Reviewed-By: Daniel Leidert <dleidert@debian.org>
Origin: https://github.com/u-boot/u-boot/commit/3f04db891a353f4b127ed57279279f851c6b4917
Bug: https://github.com/advisories/GHSA-grrh-mjp7-g52c
Bug-Debian: https://bugs.debian.org/983269
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-27138
Bug-Freexian-Security: https://deb.freexian.com/extended-lts/tracker/CVE-2021-27138

Gbp-Pq: Name CVE-2021-27138-2.patch

common/image-fit.c		diff \| blob \| history
test/image/test-imagetools.sh		diff \| blob \| history