Known Vulnerabilities for products from Denx
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Denx".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-27138 | The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT. | 7.8 - HIGH | 2021-02-17 | 2021-02-24 |
| CVE-2021-27097 | The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT. | 7.8 - HIGH | 2021-02-17 | 2021-02-23 |
| CVE-2020-10648 | Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by pr... | 7.8 - HIGH | 2020-03-19 | 2021-03-26 |
| CVE-2020-8432 | In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing m... | 9.8 - CRITICAL | 2020-01-29 | 2023-11-07 |
| CVE-2019-14204 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14203 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14202 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14201 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14200 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helpe... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14199 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_pr... | 9.8 - CRITICAL | 2019-07-31 | 2019-08-02 |
| CVE-2019-14198 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_re... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14197 | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | 9.1 - CRITICAL | 2019-07-31 | 2019-08-02 |
| CVE-2019-14196 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14195 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_r... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14194 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_re... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14193 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlin... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-14192 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_pr... | 9.8 - CRITICAL | 2019-07-31 | 2020-08-24 |
| CVE-2019-13106 | Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which res... | 7.8 - HIGH | 2019-08-06 | 2023-03-03 |
| CVE-2019-13105 | Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ex... | 7.8 - HIGH | 2019-08-06 | 2019-08-13 |
| CVE-2019-13104 | In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of d... | 7.8 - HIGH | 2019-08-06 | 2022-04-18 |
Known software with vulnerabilities from Denx
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Denx | U-boot | - |