Known Vulnerabilities for products from Denx
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Denx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-42040 json | Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any... | Not Provided | 2024-08-23 | 2026-04-03 |
| CVE-2022-34835 json | In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" comm... | 9.8 - CRITICAL | 2022-06-30 | 2023-08-29 |
| CVE-2022-33967 json | squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow... | 7.8 - HIGH | 2022-07-20 | 2022-08-02 |
| CVE-2022-33103 json | Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). | 7.8 - HIGH | 2022-07-01 | 2023-11-07 |
| CVE-2022-30790 json | Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. | 7.8 - HIGH | 2022-06-08 | 2022-06-16 |
| CVE-2022-30767 json | nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed l... | 9.8 - CRITICAL | 2022-05-16 | 2023-11-07 |
| CVE-2022-30552 json | Das U-Boot 2022.01 has a Buffer Overflow. | 5.5 - MEDIUM | 2022-06-08 | 2022-06-16 |
| CVE-2022-2347 json | There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU dow... | 7.1 - HIGH | 2022-09-23 | 2022-09-29 |
| CVE-2021-27138 json | The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT. | 7.8 - HIGH | 2021-02-17 | 2021-02-24 |
| CVE-2021-27097 json | The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT. | 7.8 - HIGH | 2021-02-17 | 2021-02-23 |
| CVE-2020-10648 json | Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by pr... | 7.8 - HIGH | 2020-03-19 | 2021-03-26 |
| CVE-2020-8432 json | In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing m... | 9.8 - CRITICAL | 2020-01-29 | 2023-11-07 |
| CVE-2019-14204 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14203 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14202 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14201 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14200 json | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14199 json | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_pr... | 9.8 - CRITICAL | 2019-07-31 | 2019-08-02 |
| CVE-2019-14198 json | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_re... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14197 json | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | 9.1 - CRITICAL | 2019-07-31 | 2019-08-02 |
Known software with vulnerabilities from Denx
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Denx | U-boot | - |