rpm package
suse/u-boot-rpi3&distro=SUSE Linux Enterprise Module for Basesystem 15
pkg:rpm/suse/u-boot-rpi3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-13106 | Hig | 7.8 | < 2018.03-4.3.1 | 2018.03-4.3.1 | Aug 6, 2019 | Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |
| CVE-2019-13104 | Hig | 7.8 | < 2018.03-4.3.1 | 2018.03-4.3.1 | Aug 6, 2019 | In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. |
- affected < 2018.03-4.3.1fixed 2018.03-4.3.1
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
- affected < 2018.03-4.3.1fixed 2018.03-4.3.1
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.