Headline
CVE-2022-30767: Ineffective fix of CVE-2019-14196
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
zi0Black zi0Black at protonmail.com
Wed May 11 22:25:37 CEST 2022
- Previous message (by thread): [PATCH 7/8] powerpc: mpc85xx: Set TEXT_BASE addresses to real base values
- Next message (by thread): Ineffective fix of CVE-2019-14196
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi to every one,
The current fix for the vulnerability identified via CVE-2019-14196 is not effective and a buffer overflow is still possible. Please refer to my comment posted on the commit (5d14ee4e53a81055d34ba280cb8fd90330f22a96) on github.
https://github.com/u-boot/u-boot/commit/5d14ee4e53a81055d34ba280cb8fd90330f22a96
Regards,
zi0Black -------------- next part -------------- A non-text attachment was scrubbed… Name: signature.asc Type: application/pgp-signature Size: 509 bytes Desc: OpenPGP digital signature URL: https://lists.denx.de/pipermail/u-boot/attachments/20220511/3a9389bc/attachment.sig\
- Previous message (by thread): [PATCH 7/8] powerpc: mpc85xx: Set TEXT_BASE addresses to real base values
- Next message (by thread): Ineffective fix of CVE-2019-14196
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the U-Boot mailing list
Related news
Ubuntu Security Notice 5764-1 - It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled certain fragmented IP packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.