Critical severity9.8NVD Advisory· Published Jul 31, 2019· Updated May 12, 2026

CVE-2019-14193

Description

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.

Affected products

Das U-Boot/U-Bootdescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.semmle.com/uboot-rce-nfs-vulnerability/nvdThird Party Advisory
cert-portal.siemens.com/productcert/html/ssa-577017.htmlnvd
web.archive.org/web/20191130052117/https://blog.semmle.com/uboot-rce-nfs-vulnerability/nvd

News mentions

Siemens Ruggedcom Rox
CISA Alerts

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000