Bootloader Erasure is Possible Without the Warning Dialog
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Nexulockr |
Fix Released
|
Critical
|
Ian Santopietro | ||
Bug Description
Normally, when you try to erase the bootloader on your device in Nexulockr by clicking/typing "bootloader" then clicking erase, you get a not-so-friendly warning dialog that makes you type a case-sensitive confirmation message into a box before it will erase the bootloader. This is good, because if you erase the bootloader, the device will be insta-bricked.
However, there is no file verifcation on what file you flash there, so if you select the radio image file, you can flash it to the bootloader partition without any confirmation. The device will the be bricked.
Nexulockr should scan the name of any file being flashed to "bootloader" and show the warning unless the name contains the string "bootloader" to prevent accidental erasure of this highly critical partition.
Related branches
| Changed in nexulockr: | |
| status: | Triaged → In Progress |
| Changed in nexulockr: | |
| status: | In Progress → Fix Committed |
| Changed in nexulockr: | |
| status: | Fix Committed → Fix Released |
