Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection
Briefly

An attacker can pollute the legitimate image by providing a package list that causes a hash collision, enabling exploitation of the ASU feature.
Successful exploitation could allow threat actors to inject arbitrary commands into the build process, resulting in malicious firmware images signed with legitimate keys.
An attacker needs the ability to submit build requests containing crafted package lists; no authentication is needed to exploit the vulnerabilities.
Users are advised to update to the latest version promptly as the vulnerability poses a severe supply chain risk to downstream users.
Read at The Hacker News