Search CVE reports


Toggle filters

41 – 50 of 50 results


CVE-2019-14192

Low priority

Some fixes available 2 of 5

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-13103

Negligible priority

Some fixes available 2 of 5

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-11059

Low priority
Vulnerable

Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-11690

Low priority
Vulnerable

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for...

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-3968

Medium priority
Not affected

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to...

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected
Show less packages

CVE-2018-18440

Negligible priority
Vulnerable

DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-18439

Negligible priority
Vulnerable

DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-3226

Negligible priority
Vulnerable

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter...

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-3225

Negligible priority
Ignored

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against...

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected
Show less packages

CVE-2018-1000205

Negligible priority
Vulnerable

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special...

1 affected package

u-boot

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
u-boot Not affected Not affected Not affected Not affected Not affected
Show less packages