How to verify that the CVE-2023-39902 issue has been fixed?

ZongYue · ‎06-18-2025

By using NXP U-Boot version lf-5.15.5-1.0.0 on the i.MX8MP platform and referencing the patch for CVE-2023-39902 (U-Boot Secondary Program Loader Authentication Vulnerability - CVE-2023-39902 ) from NXP version lf-6.12.3-1.0.0.

This modification appears to address two issues:

How can we verify that these issues have been successfully fixed in the modified lf-5.15.5-1.0.0 U-Boot?

Harvey021 · ‎06-23-2025

Will send you system email with bootport patchs for the version of BSP.

Regards

Harvey

ZongYue · ‎06-23-2025

Thank you for providing the patch file for version lf-5.15.5-1.0.0.

Harvey021 · ‎06-23-2025

Will send you system email with bootport patchs for the version of BSP.

Regards

Harvey