Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
denx u-boot vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-1000205
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.
Denx U-boot
3.6
CVSSv2
CVE-2019-13103
A crafted self-referential DOS partition table will cause all Das U-Boot versions up to and including 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
Denx U-boot 2019.04
Denx U-boot
Denx U-boot 2019.07
2.1
CVSSv2
CVE-2022-30552
Das U-Boot 2022.01 has a Buffer Overflow.
Denx U-boot 2022.01
2.1
CVSSv2
CVE-2017-3225
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow ...
Denx U-boot
NA
CVE-2022-2347
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a...
Denx U-boot
NA
CVE-2022-33967
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition ...
Denx U-boot 2021.04
Denx U-boot 2022.07
Denx U-boot 2022.01
Denx U-boot 2020.10
Denx U-boot 2021.01
Denx U-boot 2022.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4