common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash...
7.5CVSS
7.4AI Score
0.002EPSS
crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest...
7.5CVSS
7.4AI Score
0.002EPSS
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds...
9.1CVSS
9.1AI Score
0.002EPSS
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a...
9.8CVSS
9.7AI Score
0.011EPSS
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a...
9.8CVSS
9.7AI Score
0.011EPSS