Search CVE reports
11 – 20 of 46 results
Some fixes available 3 of 5
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs...
1 affected package
u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | Not affected | Fixed | Fixed | Fixed |
Some fixes available 3 of 5
Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().
1 affected package
u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | Not affected | Fixed | Fixed | Fixed |
Some fixes available 5 of 12
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.
2 affected packages
u-boot-nezha, u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot-nezha | Vulnerable | Fixed | Not in release | Not in release |
| u-boot | Not affected | Fixed | Fixed | Fixed |
Some fixes available 3 of 5
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
1 affected package
u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | Not affected | Fixed | Fixed | Fixed |
Some fixes available 5 of 12
Das U-Boot 2022.01 has a Buffer Overflow.
2 affected packages
u-boot, u-boot-nezha
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | Not affected | Fixed | Fixed | Fixed |
| u-boot-nezha | Vulnerable | Fixed | Not in release | Not in release |
Some fixes available 11 of 18
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified...
2 affected packages
u-boot, u-boot-nezha
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | Fixed | Fixed | Fixed | Fixed |
| u-boot-nezha | Vulnerable | Fixed | Not in release | Not in release |
The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.
1 affected package
u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | — | Not affected | Ignored | Ignored |
The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.
1 affected package
u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | — | Not affected | Ignored | Ignored |
Some fixes available 2 of 3
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this...
1 affected package
u-boot
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| u-boot | — | Not affected | Fixed | Fixed |
A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).
45 affected packages
gcc-3.3, gcc-4.8, gcc-5, gcc-5-cross, gcc-4.4...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gcc-3.3 | — | Ignored | Ignored | Ignored |
| gcc-4.8 | — | Not in release | Not in release | Ignored |
| gcc-5 | — | Not in release | Not in release | Ignored |
| gcc-5-cross | — | Not in release | Not in release | Ignored |
| gcc-4.4 | — | Not in release | Not in release | Not in release |
| gcc-4.7-armel-cross | — | Not in release | Not in release | Not in release |
| gcc-4.7-armhf-cross | — | Not in release | Not in release | Not in release |
| gcc-h8300-hms | — | Ignored | Ignored | Ignored |
| gcc-m68hc1x | — | Ignored | Ignored | Ignored |
| gcc-mingw-w64 | — | Ignored | Ignored | Ignored |
| gcc-7 | — | Not in release | Ignored | Ignored |
| gcc-8 | — | Not in release | Ignored | Ignored |
| gcc-8-cross | — | Not in release | Ignored | Ignored |
| gcc-8-cross-ports | — | Not in release | Ignored | Ignored |
| gcc-9 | — | Ignored | Ignored | Not in release |
| gcc-9-cross | — | Ignored | Ignored | Not in release |
| gcc-9-cross-ports | — | Ignored | Ignored | Not in release |
| gcc-arm-none-eabi | — | Ignored | Ignored | Ignored |
| gcc-avr | — | Ignored | Ignored | Ignored |
| gcc-defaults | — | Ignored | Ignored | Ignored |
| gcc-4.7 | — | Not in release | Not in release | Not in release |
| gcc-4.8-arm64-cross | — | Not in release | Not in release | Not in release |
| gcc-4.8-armhf-cross | — | Not in release | Not in release | Not in release |
| gcc-4.8-powerpc-cross | — | Not in release | Not in release | Not in release |
| gcc-4.8-ppc64el-cross | — | Not in release | Not in release | Not in release |
| gcc-4.9 | — | Not in release | Not in release | Not in release |
| gcc-4.6 | — | Not in release | Not in release | Not in release |
| gcc-6 | — | Not in release | Not in release | Ignored |
| gcc-6-cross | — | Not in release | Not in release | Ignored |
| gcc-6-cross-ports | — | Not in release | Not in release | Ignored |
| gcc-7-cross | — | Not in release | Not in release | Ignored |
| gcc-7-cross-ports | — | Not in release | Not in release | Ignored |
| gcc-arm-linux-androideabi | — | Not in release | Not in release | Not in release |
| gcc-defaults-arm64-cross | — | Not in release | Not in release | Not in release |
| gcc-defaults-armel-cross | — | Not in release | Not in release | Not in release |
| gcc-defaults-armhf-cross | — | Not in release | Not in release | Not in release |
| gcc-defaults-powerpc-cross | — | Not in release | Not in release | Not in release |
| gcc-defaults-ppc64el-cross | — | Not in release | Not in release | Not in release |
| gcc-i686-linux-android | — | Not in release | Not in release | Not in release |
| gcc-msp430 | — | Ignored | Ignored | Ignored |
| gcc-opt | — | Ignored | Ignored | Ignored |
| gcc-snapshot | — | Ignored | Ignored | Ignored |
| gccgo-4.9 | — | Not in release | Not in release | Not in release |
| gccgo-6 | — | Not in release | Not in release | Not in release |
| u-boot | — | Not affected | Not affected | Not affected |