106 matches found
CVE-2021-37848
common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison...
Design/Logic Flaw
crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification...
CVE-2021-37848
common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison...
CVE-2021-37848
Pengutronix barebox (through 2021.07.0) is affected by CVE-2021-37848 due to a timing leak in common/password.c during hash comparison (strncmp). This is a timing-side-channel vulnerability in the bootloader used in embedded Linux systems. Affected component: barebox binary; issue arises from str...
CVE-2021-37847
crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification...
CVE-2021-37847
CVE-2021-37847 affects Pengutronix barebox up to version 2021.07.0, where crypto/digest.c leaks timing information during digest verification because memcmp is used. The connected documents confirm the same description across NVD/Red Hat/OSV/CVE lists and related sources, with no details on concr...
Pengutronix barebox 信息泄露漏洞
Pengutronix barebox is a bootloader used in embedded Linux systems. A security vulnerability exists in barebox, which leaks time information in crypto digest.c in penguin tronix barebox through 2021.07.0 due to the use of memcmp during digest validation...
Pengutronix barebox 信息泄露漏洞
Pengutronix barebox is a bootloader used in embedded Linux systems. A security vulnerability exists in barebox that stems from common password. in Pengutronix barebox through 2021.07.0 leaks time information because strncmp is used during hash comparison...
Pengutronix barebox buffer overflow vulnerability (CNVD-2020-36741)
Pengutronix barebox is a bootloader used in embedded Linux systems. A buffer overflow vulnerability exists in the nfsreadreply file in net/nfs.c in Pengutronix barebox version 2020.05.0 and earlier. The vulnerability originates when a network system or product performs an operation in memory...
CVE-2020-13910
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfsreadreply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check...
CVE-2020-13910
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfsreadreply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check...
Out-of-bounds
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfsreadreply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check...
CVE-2020-13910
Pengutronix Barebox
CVE-2020-13910
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfsreadreply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check...
Pengutronix Barebox Buffer Overflow Vulnerability (CNVD-2019-35034)
Pengutronix barebox is a bootloader used in embedded Linux systems. Pengutronix Barebox suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to cause, among other things, a buffer overflow or heap overflow...
Pengutronix Barebox Buffer Overflow Vulnerability
Pengutronix barebox is a bootloader used in embedded Linux systems. Pengutronix Barebox suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to cause, among other things, a buffer overflow or heap overflow...
CVE-2019-15938
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfsreadlinkreq in fs/nfs.c because a length field is directly used for a memcpy...
CVE-2019-15937
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfsreadlinkreply in net/nfs.c because a length field is directly used for a memcpy...
CVE-2019-15938
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfsreadlinkreq in fs/nfs.c because a length field is directly used for a memcpy...
CVE-2019-15937
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfsreadlinkreply in net/nfs.c because a length field is directly used for a memcpy...