Skip to content

[firmware] Fix critical security vulnerability in usb message handling
Compare
Choose a tag to compare
@keepkeyjon keepkeyjon released this 25 Jun 18:09
· 533 commits to production since this release
v5.5.0
This tag was signed with the committer’s verified signature. The key has expired.
keepkeyjon
GPG key ID: 1A60E4FE407D43EF
Expired
Verified
Learn about vigilant mode.
8fc90bb
This commit was signed with the committer’s verified signature. The key has expired.
keepkeyjon
GPG key ID: 1A60E4FE407D43EF
Expired
Verified
Learn about vigilant mode.

This release fixes a buffer underflow in usb_rx_helper. Since that code is shared with the bootloader, this release is coupled with a bootloader update.

For more information, see: https://www.keepkey.com/2018/06/25/security-update-release-notes-bootloade-v-1-1-0-firmware-v5-5-0/

Assets 6
Loading