rpm package
suse/u-boot&distro=SUSE Linux Enterprise Module for Basesystem 15 SP2
pkg:rpm/suse/u-boot&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-10648 | Hig | 7.8 | < 2020.01-10.9.1 | 2020.01-10.9.1 | Mar 19, 2020 | Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration. | |
| CVE-2020-8432 | — | < 2020.01-10.9.1 | 2020.01-10.9.1 | Jan 29, 2020 | In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a |
- affected < 2020.01-10.9.1fixed 2020.01-10.9.1
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.
- CVE-2020-8432Jan 29, 2020affected < 2020.01-10.9.1fixed 2020.01-10.9.1
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a