rpm package
opensuse/u-boot&distro=openSUSE Leap 15.0
pkg:rpm/opensuse/u-boot&distro=openSUSE%20Leap%2015.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-13106 | Hig | 7.8 | < 2018.03-lp150.4.3.1 | 2018.03-lp150.4.3.1 | Aug 6, 2019 | Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |
| CVE-2019-13104 | Hig | 7.8 | < 2018.03-lp150.4.3.1 | 2018.03-lp150.4.3.1 | Aug 6, 2019 | In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. |
- affected < 2018.03-lp150.4.3.1fixed 2018.03-lp150.4.3.1
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
- affected < 2018.03-lp150.4.3.1fixed 2018.03-lp150.4.3.1
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.