sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation.
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.