Buffer Overflow in Das U-Boot Version 2022.01
CVE-2022-30552

5.5MEDIUM

Key Information:

Vendor: Denx
Status: U-boot
Vendor: CVE Published:; 8 June 2022

What is CVE-2022-30552?

Das U-Boot version 2022.01 is susceptible to a buffer overflow vulnerability, which could allow attackers to exploit this flaw and execute arbitrary code. This type of vulnerability often arises due to incorrect bounds checking, leading to potential unauthorized access and control over systems utilizing this bootloader software. Users of Das U-Boot should evaluate their implementation and consider applying fresh updates or patches to mitigate potential security risks.

References

https://github.com/u-boot/u-boot/tags

x_refsource_MISC

https://research.nccgroup.com/2022/06/03/technical-adviso...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 8, 2022
Vulnerability Reserved
May 11, 2022

CVE-2022-30552 Data

JSON

Denx

What is CVE-2022-30552?

References

CVSS V3.1

Timeline