Headline
CVE-2022-33967: U-Boot
squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution.
Everything has a beginning. You cannot have a running device with Embedded Linux without a bootloader that initializes the hardware and load and start the OS.
U-Boot (subtitled “the Universal Boot Loader” and often shortened to U-Boot), started by Wolfgang Denx more than 20 years ago,has become a de-facto standard for Embedded Linux Device and not only. It is available for a large number of different computer architectures, including 68k, ARM, Blackfin, MicroBlaze, MIPS, Nios, SuperH, PPC, RISC-V and x86.
The project started as an MPC 8xx PowerPC bootloader . Wolfgang Denk moved the project to SourceForge.net and renamed it to PPCBoot, because SF.net did not allow project names starting with digits.[8] Version 0.4.1 of PPCBoot was first publicly released July 19, 2000.
In 2002 a previous version of the source code was briefly forked into a product called ARMBoot, but was merged back into the PPCBoot project shortly thereafter. On October 31, 2002 PPCBoot−2.0.0 was released. This marked the last release under the PPCBoot name, as it was renamed to reflect its ability to work on other architectures besides the PPC ISA. PPCBoot−2.0.0 became U−Boot−0.1.0 in November 2002, expanded to work on the x86 processor architecture. Additional architecture capabilities were added in the following months: MIPS32 in March 2003, MIPS64 in April, Nios II in October, ColdFire in December, and MicroBlaze in April 2004. The May 2004 release of U-Boot-1.1.2 worked on the products of 216 board manufacturers across the various architectures.[10]
The current name Das U-Boot adds a German definite article, to create a bilingual pun on the classic 1981 German submarine film Das Boot, which takes place on a World War II German U-boat. It is free software released under the terms of the GNU General Public License. It can be built on an x86 PC for any of its intended architectures using a cross development GNU toolchain.
The importance of U-Boot in embedded Linux systems is quite succinctly stated in the book Building Embedded Linux Systems, by Karim Yaghmour, whose text about U-Boot begins, “Though there are quite a few other bootloaders, ‘Das U-Boot’, the universal bootloader, is arguably the richest, most flexible, and most actively developed open source bootloader available.”
Here the current documentation for the project and its Source Code.
Older and not anymore updated documentation:
- Release Cycle and Release Schedule
- List of custodians and their git repositories
- Workflow for custodian git repositories
- Development Process
- Coding Style
- Patches
- Tasks
- Mailing List
- Mailing List Archive:
http://lists.denx.de/pipermail/u-boot/
http://dir.gmane.org/gmane.comp.boot-loaders.u-boot
http://marc.info/?l=u-boot
Related news
Ubuntu Security Notice 5764-1 - It was discovered that U-Boot incorrectly handled certain USB DFU download setup packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled certain fragmented IP packets. A local attacker could use this issue to cause U-Boot to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.