Known Vulnerabilities for products from Denx
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Denx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-57258 json | Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via... | Not Provided | 2025-02-18 | 2026-05-12 |
| CVE-2024-57256 json | An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable... | Not Provided | 2025-02-18 | 2026-05-12 |
| CVE-2024-42040 json | Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any... | Not Provided | 2024-08-23 | 2026-04-03 |
| CVE-2022-34835 json | In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" comm... | Not Provided | 2022-06-30 | 2026-05-12 |
| CVE-2022-33967 json | squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow... | 7.8 - HIGH | 2022-07-20 | 2022-08-02 |
| CVE-2022-33103 json | Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). | 7.8 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-30790 json | Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. | Not Provided | 2022-06-08 | 2026-05-12 |
| CVE-2022-30767 json | nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed l... | 9.8 - CRITICAL | 2022-05-16 | 2023-11-07 |
| CVE-2022-30552 json | Das U-Boot 2022.01 has a Buffer Overflow. | Not Provided | 2022-06-08 | 2026-05-12 |
| CVE-2022-2347 json | There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU dow... | Not Provided | 2022-09-23 | 2026-05-12 |
| CVE-2021-27138 json | The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT. | 7.8 - HIGH | 2021-02-17 | 2021-02-24 |
| CVE-2021-27097 json | The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT. | 7.8 - HIGH | 2021-02-17 | 2021-02-23 |
| CVE-2020-10648 json | Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by pr... | Not Provided | 2020-03-19 | 2026-05-12 |
| CVE-2020-8432 json | In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing m... | 9.8 - CRITICAL | 2020-01-29 | 2023-11-07 |
| CVE-2019-14204 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | Not Provided | 2019-07-31 | 2026-05-12 |
| CVE-2019-14203 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | Not Provided | 2019-07-31 | 2026-05-12 |
| CVE-2019-14202 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | Not Provided | 2019-07-31 | 2026-05-12 |
| CVE-2019-14201 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | Not Provided | 2019-07-31 | 2026-05-12 |
| CVE-2019-14200 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | Not Provided | 2019-07-31 | 2026-05-12 |
| CVE-2019-14199 json | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_pr... | Not Provided | 2019-07-31 | 2026-05-12 |
Known software with vulnerabilities from Denx
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Denx | U-boot | - |