Search CVE reports


Toggle filters

11 – 20 of 50 results


CVE-2024-57254

Medium priority

Some fixes available 2 of 11

An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.

2 affected packages

u-boot, u-boot-nezha

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Fixed Fixed Needs evaluation Needs evaluation
u-boot-nezha Not in release Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2024-42040

Medium priority
Vulnerable

Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory...

2 affected packages

u-boot, u-boot-nezha

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
u-boot-nezha Not in release Vulnerable Vulnerable Not in release
Show less packages

CVE-2023-48426

Medium priority
Not affected

u-boot bug that allows for u-boot shell and interrupt over UART

2 affected packages

u-boot, u-boot-nezha

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected
u-boot-nezha Not affected Not affected Not in release
Show less packages

CVE-2022-2347

Medium priority

Some fixes available 13 of 20

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified...

2 affected packages

u-boot, u-boot-nezha

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Fixed Fixed Fixed Fixed Fixed
u-boot-nezha Not in release Vulnerable Fixed Not in release Not in release
Show less packages

CVE-2022-33967

Medium priority

Some fixes available 3 of 5

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs...

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2022-33103

Medium priority

Some fixes available 3 of 5

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2022-34835

Medium priority

Some fixes available 3 of 5

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2022-30790

Medium priority

Some fixes available 5 of 12

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.

2 affected packages

u-boot, u-boot-nezha

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Fixed Fixed Fixed
u-boot-nezha Not in release Vulnerable Fixed Not in release Not in release
Show less packages

CVE-2022-30552

Medium priority

Some fixes available 5 of 12

Das U-Boot 2022.01 has a Buffer Overflow.

2 affected packages

u-boot, u-boot-nezha

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Fixed Fixed Fixed
u-boot-nezha Not in release Vulnerable Fixed Not in release Not in release
Show less packages

CVE-2022-30767

Medium priority

Some fixes available 3 of 5

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Fixed Fixed Fixed
Show less packages