Lucene search
K

61 matches found

OSV
OSV
added 2023/11/29 1:41 p.m.5 views

USN-6523-1 u-boot-nezha vulnerability

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

7.8CVSS7AI score0.00586EPSS
Exploits2References4
Ubuntu
Ubuntu
added 2023/11/29 1:41 p.m.49 views

USN-6523-1: u-boot-nezha vulnerability

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

7.8CVSS7.8AI score0.00586EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.31 views

Ubuntu 22.04 LTS / 23.04 : u-boot-nezha vulnerability (USN-6523-1)

The remote Ubuntu 22.04 LTS / 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6523-1 advisory. It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot t...

7.8CVSS8.1AI score0.00586EPSS
Exploits2References4
NVD
NVD
added 2023/10/31 12:15 p.m.18 views

CVE-2022-3007

The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU which is used for performing Over-The-Air OTA firmware updates on the Bluetooth Low Energy BLE devices. An unauthenticated attacker could exploit this...

8.1CVSS8.1AI score0.0028EPSS
Exploits0References1
Prion
Prion
added 2023/10/31 12:15 p.m.35 views

Information disclosure

The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update DFU which is used for performing Over-The-Air OTA firmware updates on the Bluetooth Low Energy BLE devices. An unauthenticated attacker could exploit this...

4.8CVSS8.1AI score0.0028EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2023/03/12 8:36 p.m.24 views

Denial Of Service (DoS)

u-boot is vulnerable to Denial Of Service DoS. The vulnerability exists because the U-Boot DFU implementation does not bind the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command, allowing an attacker to write...

7.7CVSS7AI score0.00586EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.58 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : U-Boot vulnerabilities (USN-5764-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5764-1 advisory. It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue t...

9.8CVSS8AI score0.02612EPSS
Exploits5References8
Ubuntu
Ubuntu
added 2022/12/06 12:54 p.m.57 views

USN-5764-1: U-Boot vulnerabilities

It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2022-2347 Nicolas Bidron and Nicolas Guigo discovered that U-Boot...

9.8CVSS8AI score0.02612EPSS
Exploits5
Cvelist
Cvelist
added 2022/11/04 12:0 a.m.26 views

CVE-2022-39344 Azure RTOS USBX vulnerable to buffer overflow

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this m...

9.8CVSS10AI score0.01936EPSS
Exploits1References1
NVD
NVD
added 2022/09/23 1:15 p.m.20 views

CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS0.00586EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2022/09/23 1:15 p.m.64 views

CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS2.9AI score0.00586EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/09/23 1:15 p.m.34 views

CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS6.9AI score0.00586EPSS
Exploits1References4
Prion
Prion
added 2022/09/23 1:15 p.m.21 views

Cross site request forgery (csrf)

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

3.7CVSS6.6AI score0.00586EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/09/23 1:15 p.m.3 views

UBUNTU-CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS6.9AI score0.00586EPSS
Exploits1References5
CVE
CVE
added 2022/09/23 12:50 p.m.117 views

CVE-2022-2347

CVE-2022-2347 affects U-Boot’s USB DFU download path: an unchecked wLength > 4096 can cause a heap overflow by writing beyond the heap-allocated request buffer. Affected component is U-Boot DFU handling; attack requires physical access via USB. Some advisories (Debian, EulerOS, Huawei EulerOS,...

7.7CVSS6.9AI score0.00586EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/09/23 12:50 p.m.22 views

CVE-2022-2347 Unchecked Download size in Uboot

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.6AI score0.00586EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/09/23 12:50 p.m.5 views

CVE-2022-2347 Unchecked Download size in Uboot

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.3AI score0.00586EPSS
Exploits1References1
OSV
OSV
added 2022/09/23 12:50 p.m.41 views

CVE-2022-2347 Unchecked Download size in Uboot

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.1AI score0.00586EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/09/23 12:50 p.m.57 views

CVE-2022-2347

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

7.7CVSS7.4AI score0.00586EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.2 views

PT-2022-16011 · U-Boot +4 · U-Boot +4

Name of the Vulnerable Software and Affected Versions: UBoot affected versions not specified Description: The issue is related to an unchecked length field in UBoot's DFU implementation. Specifically, the U-Boot DFU implementation does not bound the length field in USB DFU download setup packets,...

9.8CVSS7AI score0.02612EPSS
Exploits5References62
Rows per page
Query Builder