Iot
Six U-Boot Flaws Let Malicious Firmware Images Execute Code Before Signature Verification Ever Runs
Binarly found six bugs in U-Boot's FIT image parser — two lead to code execution, four to denial of service — and all six trigger while the bootloader is still reading an untrusted image, before it checks the signature that's supposed to protect it.