On 7/13/20 8:32 PM, Philippe Mathieu-Daudé wrote:
> This series fixes CVE-2020-13253 by only allowing SD card image
> sizes power of 2, and not switching to SEND_DATA state when the
> address is invalid (out of range).
>
> Patches missing review:
> 3: boot_linux: Tag tests using a SD card with 'd
This series fixes CVE-2020-13253 by only allowing SD card image
sizes power of 2, and not switching to SEND_DATA state when the
address is invalid (out of range).
Patches missing review:
3: boot_linux: Tag tests using a SD card with 'device:sd'
4: boot_linux: Expand SD card image to power of 2