Renesas · MCUBoot

Serial Recovery Stack Buffer Overflow in MCUBoot

SecMate: SECMATE-2025-0025
Vendor: Renesas
Product: MCUBoot
Reported: December 8, 2025
Acknowledged: December 8, 2025
Published: February 10, 2026

MCUBoot's serial recovery image upload handler (bs_upload in boot/boot_serial/src/boot_serial.c) contains a stack buffer overflow that occurs when the target flash program alignment (flash_area_align(fap)) exceeds BOOT_MAX_ALIGN (8 bytes). The handler uses a fixed 8-byte stack buffer (uint8_t wbs_aligned[BOOT_MAX_ALIGN]) to pad the final unaligned chunk during image uploads, but the lengths it copies and writes are derived from the device's alignment and are not bounds-checked. When flash_area_align(fap) > 8, the result is a stack buffer overflow, an integer underflow in memset, and an out-of-bounds read, with the potential for arbitrary code execution or a device crash.
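The bounds check this class of bug calls for, shown as an added example that is neither MCUBoot's code nor the vendor's fix. The helper pad_final_chunk, its parameters and the sample chunk are hypothetical; only BOOT_MAX_ALIGN (8) and the padding-buffer pattern come from the advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BOOT_MAX_ALIGN 8u /* size of the padding buffer per the advisory */

/* Constructed sample: a 10-byte final chunk of an upload. */
static const uint8_t sample_chunk[10] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9};

/*
 * Hypothetical helper, not MCUBoot code. Builds the padded last write for a
 * chunk whose length is not a multiple of the flash alignment.
 *   align  - stands in for flash_area_align(fap)
 *   erased - stands in for the erased-flash byte value
 * Returns bytes to write from out (0 if nothing to pad), or -1 on refusal.
 */
static int pad_final_chunk(uint8_t out[BOOT_MAX_ALIGN], const uint8_t *chunk,
                           size_t chunk_len, size_t align, uint8_t erased)
{
    /* The guard: a device alignment wider than the buffer is rejected
     * before any length derived from it reaches memcpy/memset/write. */
    if (align == 0 || align > BOOT_MAX_ALIGN) {
        return -1;
    }

    size_t rem = chunk_len % align;
    if (rem == 0) {
        return 0;
    }

    /* rem < align <= BOOT_MAX_ALIGN, so the copy fits and the
     * subtraction below cannot wrap around. */
    memcpy(out, chunk + (chunk_len - rem), rem);
    memset(out + rem, erased, BOOT_MAX_ALIGN - rem);
    return (int)align;
}

int main(void)
{
    uint8_t out[BOOT_MAX_ALIGN];
    printf("align 4:  %d\n", pad_final_chunk(out, sample_chunk, 10, 4, 0xFF));
    printf("align 16: %d\n", pad_final_chunk(out, sample_chunk, 10, 16, 0xFF));
    return 0;
}
```

A port whose flash driver reports an alignment above BOOT_MAX_ALIGN gets an explicit error from this helper instead of a write past the stack buffer.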
