CVE-2026-34962
Received Received - Intake
Denial-of-Service in barebox via Ext4 Directory Parsing

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: VulnCheck

Description
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4_common.c where the ext4fs_iterate_dir() function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a crafted directory entry containing a direntlen value of 0 to cause an infinite loop during directory listing or path resolution, resulting in the boot process hanging indefinitely.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-21
AI Q&A
2026-05-12
EPSS Evaluated
2026-06-20
NVD
CVE-2026-34962
EUVD
EUVD-2026-29325
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
barebox barebox to 2026.04.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-835 The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in barebox versions prior to 2026.04.0 and involves a flaw in the ext4 directory parsing code. Specifically, the function ext4fs_iterate_dir() in fs/ext4/ext4_common.c does not properly check that directory entry length values are non-zero. An attacker can create a malicious ext4 filesystem image with a crafted directory entry where the length value (direntlen) is zero. When the system tries to list directories or resolve paths using this filesystem, it can enter an infinite loop, causing the boot process to hang indefinitely.

Impact Analysis

The primary impact of this vulnerability is a denial-of-service condition. By supplying a specially crafted ext4 filesystem image, an attacker can cause the system's boot process to hang indefinitely due to an infinite loop during directory listing or path resolution. This can prevent the system from starting properly, leading to downtime and potential disruption of services.

Detection Guidance

This vulnerability involves a denial-of-service in barebox versions prior to 2026.04.0 caused by improper validation of directory entry lengths in ext4 filesystem parsing.

To detect if your system is vulnerable, you should first verify the barebox version running on your device.

  • Check barebox version with the command: barebox --version
  • If the version is prior to 2026.04.0, your system is potentially vulnerable.

Since the vulnerability is triggered by a crafted ext4 filesystem image with a directory entry length of zero, you can also inspect ext4 filesystem images for such malformed directory entries using filesystem analysis tools.

  • Use debugfs or similar tools to examine directory entries in ext4 images.
  • Example command: debugfs /path/to/ext4_image

However, no specific detection commands for the crafted direntlen=0 condition are provided.

Mitigation Strategies

The primary mitigation step is to upgrade barebox to version 2026.04.0 or later, where this vulnerability has been fixed.

Until an upgrade is possible, avoid using untrusted or potentially malicious ext4 filesystem images that could contain crafted directory entries with zero length.

Additionally, monitor boot processes for hangs or infinite loops during directory listing or path resolution as indicators of exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34962. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart