Critical severity9.8NVD Advisory· Published Jan 29, 2020· Updated Jun 17, 2026
CVE-2020-8432
CVE-2020-8432
Description
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21- U-Boot/U-Bootdescription
- osv-coords19 versionspkg:rpm/opensuse/u-boot&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/u-boot&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/u-boot-rpiarm64&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
< 2019.01-lp151.6.13.1+ 18 more
- (no CPE)range: < 2019.01-lp151.6.13.1
- (no CPE)range: < 2020.01-lp152.9.9.1
- (no CPE)range: < 2018.03-4.6.1
- (no CPE)range: < 2018.03-4.6.1
- (no CPE)range: < 2019.01-7.10.1
- (no CPE)range: < 2020.01-10.9.1
- (no CPE)range: < 2018.03-4.3.1
- (no CPE)range: < 2019.01-5.3.1
- (no CPE)range: < 2018.03-4.6.1
- (no CPE)range: < 2019.01-5.3.1
- (no CPE)range: < 2018.03-4.6.1
- (no CPE)range: < 2018.03-4.6.2
- (no CPE)range: < 2018.03-4.6.2
- (no CPE)range: < 2019.01-7.10.2
- (no CPE)range: < 2018.03-4.3.1
- (no CPE)range: < 2019.01-5.3.1
- (no CPE)range: < 2018.03-4.6.2
- (no CPE)range: < 2019.01-5.3.1
- (no CPE)range: < 2020.01-10.9.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.