UBUNTU-CVE-2025-45512

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot U-Boot v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution...

CVE-2025-45512

CVE-2025-45512 affects DENX Software Engineering Das U-Boot (bootloader) v1.1.3. The root cause is a lack of signature verification in the bootloader, enabling attackers to install crafted firmware and achieve arbitrary code execution. Impact is practical on devices using this U-Boot version, wit...

Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices

Cybersecurity researchers have disclosed two unpatched security vulnerabilities in the open-source U-Boot boot loader. The issues, which were uncovered in the IP defragmentation algorithm implemented in U-Boot by NCC Group, could be abused to achieve arbitrary out-of-bounds write and...

Das U-Boot Buffer Overflow Vulnerability (CNVD-2019-34811)

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A buffer overflow vulnerability exists in Das U-Boot. An attacker could exploit this vulnerability to...

CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...