372 matches found
CVE-2022-30767
nfslookupreply in net/nfs.c in Das U-Boot through 2022.04 and through 2022.07-rc2 has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196...
CVE-2020-10648
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration...
CVE-2019-14196
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfslookupreply...
CVE-2019-13106
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution...
CVE-2019-14197
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfsreadreply...
CVE-2019-14192
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call...
CVE-2019-14204
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsumountallreply...
CVE-2019-14201
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfslookupreply...
CVE-2019-14194
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv2 case...
CVE-2019-14200
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: rpclookupreply...
CVE-2019-13103
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data...
CVE-2019-14198
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv3 case...
CVE-2019-14202
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsreadlinkreply...
CVE-2019-14203
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsmountreply...
CVE-2019-13104
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy to overwrite a very large amount of data including the whole stack while reading a crafted ext4 filesystem...
CVE-2019-14199
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call...
CVE-2019-14195
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfsreadlinkreply in the "else" block after calculating the new path length...
CVE-2019-13105
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem...
CVE-2019-14193
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfsreadlinkreply, in the "if" block after calculating the new path length...
CVE-2024-57257
A stack consumption issue in sqfssize in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...