CVE-2022-33967: U-Boot

Everything has a beginning. You cannot have a running device with Embedded Linux without a bootloader that initializes the hardware and load and start the OS.

U-Boot (subtitled “the Universal Boot Loader” and often shortened to U-Boot), started by Wolfgang Denx more than 20 years ago,has become a de-facto standard for Embedded Linux Device and not only. It is available for a large number of different computer architectures, including 68k, ARM, Blackfin, MicroBlaze, MIPS, Nios, SuperH, PPC, RISC-V and x86.

The project started as an MPC 8xx PowerPC bootloader . Wolfgang Denk moved the project to SourceForge.net and renamed it to PPCBoot, because SF.net did not allow project names starting with digits.[8] Version 0.4.1 of PPCBoot was first publicly released July 19, 2000.

In 2002 a previous version of the source code was briefly forked into a product called ARMBoot, but was merged back into the PPCBoot project shortly thereafter. On October 31, 2002 PPCBoot−2.0.0 was released. This marked the last release under the PPCBoot name, as it was renamed to reflect its ability to work on other architectures besides the PPC ISA. PPCBoot−2.0.0 became U−Boot−0.1.0 in November 2002, expanded to work on the x86 processor architecture. Additional architecture capabilities were added in the following months: MIPS32 in March 2003, MIPS64 in April, Nios II in October, ColdFire in December, and MicroBlaze in April 2004. The May 2004 release of U-Boot-1.1.2 worked on the products of 216 board manufacturers across the various architectures.[10]

The current name Das U-Boot adds a German definite article, to create a bilingual pun on the classic 1981 German submarine film Das Boot, which takes place on a World War II German U-boat. It is free software released under the terms of the GNU General Public License. It can be built on an x86 PC for any of its intended architectures using a cross development GNU toolchain.

The importance of U-Boot in embedded Linux systems is quite succinctly stated in the book Building Embedded Linux Systems, by Karim Yaghmour, whose text about U-Boot begins, “Though there are quite a few other bootloaders, ‘Das U-Boot’, the universal bootloader, is arguably the richest, most flexible, and most actively developed open source bootloader available.”

Here the current documentation for the project and its Source Code.

Older and not anymore updated documentation:

• Release Cycle and Release Schedule
• List of custodians and their git repositories
• Workflow for custodian git repositories
• Development Process
• Coding Style
• Patches
• Tasks
• Mailing List
• Mailing List Archive:
  http://lists.denx.de/pipermail/u-boot/
  http://dir.gmane.org/gmane.comp.boot-loaders.u-boot
  http://marc.info/?l=u-boot