checker: Add checks for CVE-2020-8432

nccgroup / depthcharge

A U-Boot hacking toolkit for security researchers and tinkerers

https://depthcharge.readthedocs.io

BSD 3-Clause "New" or "Revised" License

257 stars 14 forks source link

Closed jynik closed 2 years ago

jynik commented 2 years ago

It looks like U-Boot prior to 2020.04-rc2 is affected by CVE-2020-8432.

From a quick skim, the fix to cmd/gpt.c was added in 5749faa3d6837d6dbaf2119fc3ec49a326690c8f.

Affected config: CONFIG_CMD_GPT=y