U Boot
by Denx
Source repositories
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57258 | Hig | 0.46 | 7.1 | 0.00 | Feb 18, 2025 | Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64. | ||
| CVE-2024-57256 | Hig | 0.46 | 7.1 | 0.00 | Feb 18, 2025 | An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. | ||
| CVE-2019-13103 | Hig | 0.39 | 7.1 | 0.00 | Jul 29, 2019 | A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data. | ||
| CVE-2022-30552 | Med | 0.36 | 5.5 | 0.00 | Jun 8, 2022 | Das U-Boot 2022.01 has a Buffer Overflow. | ||
| CVE-2025-45512 | 0.00 | — | 0.00 | Aug 5, 2025 | A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution. | |||
| CVE-2024-57255 | 0.00 | — | 0.00 | Feb 18, 2025 | An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. | |||
| CVE-2024-57254 | 0.00 | — | 0.00 | Feb 18, 2025 | An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem. | |||
| CVE-2024-57257 | 0.00 | — | 0.00 | Feb 18, 2025 | A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting. | |||
| CVE-2024-57259 | 0.00 | — | 0.00 | Feb 18, 2025 | sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation. | |||
| CVE-2022-33967 | 0.00 | — | 0.01 | Jul 20, 2022 | squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition… | |||
| CVE-2018-18439 | 0.00 | — | 0.02 | Nov 20, 2018 | DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image. | |||
| CVE-2018-18440 | 0.00 | — | 0.01 | Nov 20, 2018 | DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled. |
- risk 0.46cvss 7.1epss 0.00
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.
- risk 0.46cvss 7.1epss 0.00
An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.
- risk 0.39cvss 7.1epss 0.00
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
- risk 0.36cvss 5.5epss 0.00
Das U-Boot 2022.01 has a Buffer Overflow.
- CVE-2025-45512Aug 5, 2025risk 0.00cvss —epss 0.00
A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.
- CVE-2024-57255Feb 18, 2025risk 0.00cvss —epss 0.00
An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.
- CVE-2024-57254Feb 18, 2025risk 0.00cvss —epss 0.00
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.
- CVE-2024-57257Feb 18, 2025risk 0.00cvss —epss 0.00
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting.
- CVE-2024-57259Feb 18, 2025risk 0.00cvss —epss 0.00
sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation.
- CVE-2022-33967Jul 20, 2022risk 0.00cvss —epss 0.01
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition…
- CVE-2018-18439Nov 20, 2018risk 0.00cvss —epss 0.02
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image.
- CVE-2018-18440Nov 20, 2018risk 0.00cvss —epss 0.01
DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled.
Page 2 of 2