VYPR
High severity7.0OSV Advisory· Published Mar 21, 2019· Updated Jun 17, 2026

CVE-2018-3968

CVE-2018-3968

Description

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy image format. To trigger this vulnerability, a local attacker needs to be able to supply the image to boot.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • U Boot/U BootOSV2 versions
    LABEL_2002_11_05_0120, LABEL_2002_11_05_1735, LABEL_2002_11_10_2310, …+ 1 more
    • (no CPE)range: LABEL_2002_11_05_0120, LABEL_2002_11_05_1735, LABEL_2002_11_10_2310, …
    • (no CPE)range: 2013.07-rc1 to 2014.07-rc2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.