Description
In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258.
References (2)
Core 2
Scores
CVSS v3
7.1
EPSS
0.0027
EPSS Percentile
19.1%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-190
Status
published
Products (1)
Pengutronix/barebox
< 2025.01.0
Published
Feb 19, 2025
Tracked Since
Feb 18, 2026