U-boot Security Vulnerabilities and Issues — U-boot CVE List

Lucene search

DenxU-boot

3 matches found

CVE•added 2019/05/03 1:29 p.m.•134 views

CVE-2019-11690

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.

5.9CVSS7.2AI score0.00316EPSS

CVE•added 2022/06/08 1:15 p.m.•94 views

CVE-2022-30552

Das U-Boot 2022.01 has a Buffer Overflow.

5.5CVSS6.2AI score0.00094EPSS

CVE•added 2018/06/26 4:29 p.m.•52 views

CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

5.5CVSS5.3AI score0.00182EPSS