rpm package
opensuse/u-boot&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/u-boot&distro=openSUSE%20Leap%2015.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-10648 | Hig | 7.8 | < 2020.01-lp152.9.9.1 | 2020.01-lp152.9.9.1 | Mar 19, 2020 | Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration. | |
| CVE-2020-8432 | — | < 2020.01-lp152.9.9.1 | 2020.01-lp152.9.9.1 | Jan 29, 2020 | In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a |
- affected < 2020.01-lp152.9.9.1fixed 2020.01-lp152.9.9.1
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.
- CVE-2020-8432Jan 29, 2020affected < 2020.01-lp152.9.9.1fixed 2020.01-lp152.9.9.1
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a