Filtered by vendor Denx
Subscriptions
Total
36 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-13103 | 1 Denx | 1 U-boot | 2024-08-04 | 7.1 High |
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. | ||||
CVE-2019-13104 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-08-04 | 7.8 High |
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. | ||||
CVE-2019-13105 | 1 Denx | 1 U-boot | 2024-08-04 | N/A |
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem. | ||||
CVE-2019-13106 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-08-04 | 7.8 High |
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | ||||
CVE-2019-11690 | 1 Denx | 1 U-boot | 2024-08-04 | N/A |
gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device. | ||||
CVE-2019-11059 | 1 Denx | 1 U-boot | 2024-08-04 | N/A |
Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow. | ||||
CVE-2020-10648 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-08-04 | 7.8 High |
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration. | ||||
CVE-2020-8432 | 2 Denx, Opensuse | 2 U-boot, Leap | 2024-08-04 | 9.8 Critical |
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis. | ||||
CVE-2021-27138 | 1 Denx | 1 U-boot | 2024-08-03 | 7.8 High |
The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT. | ||||
CVE-2021-27097 | 1 Denx | 1 U-boot | 2024-08-03 | 7.8 High |
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT. | ||||
CVE-2022-34835 | 1 Denx | 1 U-boot | 2024-08-03 | 9.8 Critical |
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function. | ||||
CVE-2022-33967 | 1 Denx | 1 U-boot | 2024-08-03 | 7.8 High |
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution. | ||||
CVE-2022-33103 | 1 Denx | 1 U-boot | 2024-08-03 | 7.8 High |
Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). | ||||
CVE-2022-30790 | 1 Denx | 1 U-boot | 2024-08-03 | 7.8 High |
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. | ||||
CVE-2022-30767 | 2 Denx, Fedoraproject | 2 U-boot, Fedora | 2024-08-03 | 9.8 Critical |
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196. | ||||
CVE-2022-30552 | 1 Denx | 1 U-boot | 2024-08-03 | 5.5 Medium |
Das U-Boot 2022.01 has a Buffer Overflow. |