CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11690
https://notcve.org/view.php?id=CVE-2019-11690
gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device. La función gen_rand_uuid en el archivo lib / uuid.c en Das U-Boot versión 2014.04 hasta 2019.04, carece de una llamada srand, que permite a los atacantes determinar valores UUID en escenarios donde CONFIG_RANDOM_UUID está habilitado, y Das U-Boot se basa en los valores UUID de una tabla de particiones GUID de un dispositivo de arranque. • https://patchwork.ozlabs.org/patch/1092945 • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.2EPSS: 0%CPEs: 6EXPL: 1CVE-2018-3968
https://notcve.org/view.php?id=CVE-2018-3968
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy image format. To trigger this vulnerability, a local attacker needs to be able to supply the image to boot. Existe una vulnerabilidad explotable en la protección verificada de arranque de Das U-Boot, desde la versión 2013.07-rc1 hasta la 2014.07-rc2. Las versiones afectadas carecen de una aplicación adecuada de las firmas FIT, lo que permite que un atacante omita el arranque verificado de U-Boot y ejecute un kernel sin firmar, embebido en un formato de imagen heredado. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0633 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-18439
https://notcve.org/view.php?id=CVE-2018-18439
DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traffic is mishandled. Also, local exploitation can occur via a crafted kernel image. DENX U-Boot hasta el 2018.09-rc1 tiene un desbordamiento de búfer explotable de forma remota mediante un servidor TFTP malicioso debido a que el tráfico TFTP se gestiona de manera incorrecta. Además, podría ocurrir una explotación local mediante una imagen de kernel manipulada. • http://www.openwall.com/lists/oss-security/2018/11/02/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-18440
https://notcve.org/view.php?id=CVE-2018-18440
DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled. DENX U-Boot hasta el 2018.09-rc1 tiene un desbordamiento de búfer explotable de forma local mediante una imagen del kernel manipulada debido a que la carga del sistema de archivos se gestiona de manera incorrecta. • http://www.openwall.com/lists/oss-security/2018/11/02/2 https://cert-portal.siemens.com/productcert/pdf/ssa-618620.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3225 – Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data
https://notcve.org/view.php?id=CVE-2017-3225
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector. This allows an attacker to perform dictionary attacks on encrypted data produced by Das U-Boot to learn information about the encrypted data. Das U-Boot es un bootloader de dispositivos que puede leer su configuración desde un archivo cifrado por AES. • http://www.securityfocus.com/bid/100675 https://www.kb.cert.org/vuls/id/166743 • CWE-310: Cryptographic Issues CWE-329: Generation of Predictable IV with CBC Mode •