Re: Several potential vulnerabilities in the filesystem

2024-06-05 Thread Jianan Huang
On 2024/6/5 19:18, Gao Xiang wrote: > Hi Jianqiang, > > On 2024/6/5 19:00, jianqiang wang wrote: >> Hi, >> >> I do have the crafted image. >> >> payload_00500, payload_00763, payload_00846 can be used to reproduce >> 1,2,3 vulnerabilities respectively. >> >> Each image is a hard drive file and the

Re: Several potential vulnerabilities in the filesystem

2024-06-05 Thread jianqiang wang
Could you please forward the issues to whoever is responsible for them? Gao Xiang 于2024年6月5日周三 13:35写道: > > > > On 2024/6/5 19:26, jianqiang wang wrote: > > Hi Xiang, > > > > I just checked the second crash, the patch can solve this issue. Did > > you also look into the other two issues? > > I'm

Re: Several potential vulnerabilities in the filesystem

2024-06-05 Thread Gao Xiang
On 2024/6/5 19:26, jianqiang wang wrote: Hi Xiang, I just checked the second crash, the patch can solve this issue. Did you also look into the other two issues? I'm only responsible for the EROFS project. Thanks, Gao Xiang Best Jianqiang Gao Xiang 于2024年6月5日周三 13:18写道: Hi Jianqiang,

Re: Several potential vulnerabilities in the filesystem

2024-06-05 Thread jianqiang wang
Hi Xiang, I just checked the second crash, the patch can solve this issue. Did you also look into the other two issues? Best Jianqiang Gao Xiang 于2024年6月5日周三 13:18写道: > > Hi Jianqiang, > > On 2024/6/5 19:00, jianqiang wang wrote: > > Hi, > > > > I do have the crafted image. > > > > payload_0050

Re: Several potential vulnerabilities in the filesystem

2024-06-05 Thread Gao Xiang
Hi Jianqiang, On 2024/6/5 19:00, jianqiang wang wrote: Hi, I do have the crafted image. payload_00500, payload_00763, payload_00846 can be used to reproduce 1,2,3 vulnerabilities respectively. Each image is a hard drive file and the vulnerabilities can be triggered by performing the following

Re: Several potential vulnerabilities in the filesystem

2024-06-05 Thread jianqiang wang
Hi, I do have the crafted image. payload_00500, payload_00763, payload_00846 can be used to reproduce 1,2,3 vulnerabilities respectively. Each image is a hard drive file and the vulnerabilities can be triggered by performing the following operations: struct udevice *dev; uclass_first_de

Re: Several potential vulnerabilities in the filesystem

2024-06-04 Thread Gao Xiang
On 2024/6/5 06:53, jianqiang wang wrote: Hi Das U-Boot developers, ... 2. in file fs/erofs/data.c, function z_erofs_read_one_data, the node data is read from the storage, however, without a proper check, the data can be corrupted. For example, the inode data is used in function z_erofs_r

Several potential vulnerabilities in the filesystem

2024-06-04 Thread jianqiang wang
Hi Das U-Boot developers, I found several vulnerabilities in the u-boot filesysetm implementation, 1. in file fs/squashfs/sqfs_inode.c function sqfs_inode_size. The parameter blk_size is directly or indirectly from the storage data. Howver, without a sanity check, this value is directly used in t