Search CVE reports
11 – 20 of 50 results
Some fixes available 2 of 11
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.
2 affected packages
u-boot, u-boot-nezha
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Fixed | Fixed | Needs evaluation | Needs evaluation |
| u-boot-nezha | Not in release | Needs evaluation | Needs evaluation | Not in release | — |
Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory...
2 affected packages
u-boot, u-boot-nezha
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| u-boot-nezha | Not in release | Vulnerable | Vulnerable | Not in release | — |
u-boot bug that allows for u-boot shell and interrupt over UART
2 affected packages
u-boot, u-boot-nezha
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | — | Not affected | Not affected | Not affected | Not affected |
| u-boot-nezha | — | Not affected | Not affected | Not in release | — |
Some fixes available 13 of 20
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified...
2 affected packages
u-boot, u-boot-nezha
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Fixed | Fixed | Fixed | Fixed | Fixed |
| u-boot-nezha | Not in release | Vulnerable | Fixed | Not in release | Not in release |
Some fixes available 3 of 5
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs...
1 affected package
u-boot
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Not affected | Fixed | Fixed | Fixed |
Some fixes available 3 of 5
Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().
1 affected package
u-boot
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Not affected | Fixed | Fixed | Fixed |
Some fixes available 3 of 5
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.
1 affected package
u-boot
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Not affected | Fixed | Fixed | Fixed |
Some fixes available 5 of 12
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.
2 affected packages
u-boot, u-boot-nezha
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Not affected | Fixed | Fixed | Fixed |
| u-boot-nezha | Not in release | Vulnerable | Fixed | Not in release | Not in release |
Some fixes available 5 of 12
Das U-Boot 2022.01 has a Buffer Overflow.
2 affected packages
u-boot, u-boot-nezha
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Not affected | Fixed | Fixed | Fixed |
| u-boot-nezha | Not in release | Vulnerable | Fixed | Not in release | Not in release |
Some fixes available 3 of 5
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
1 affected package
u-boot
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| u-boot | Not affected | Not affected | Fixed | Fixed | Fixed |