Source: u-boot X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security
Hi, The following vulnerability was published for u-boot. CVE-2022-33103[0]: | Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an | out-of-bounds write via the function sqfs_readdir(). https://lore.kernel.org/all/CALO=dhfb+yboxxvr5kcsk0ifdg+e7ywko4-e+72kjbcs8jb...@mail.gmail.com/ https://lore.kernel.org/all/20220609140206.297405-1-miquel.ray...@bootlin.com/ If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-33103 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33103 Please adjust the affected versions in the BTS as needed.
