Lucene search
Veracode Vulnerability DatabaseVERACODE:39725HistoryMar 12, 2023 - 8:36 p.m.
Denial Of Service (DoS)
2023-03-1220:36:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
u-boot
denial of service
usb dfu
vulnerability
heap-allocated
request buffer
transfer direction
0.001 Low
EPSS
Percentile
29.5%
u-boot is vulnerable to Denial Of Service (DoS). The vulnerability exists because the U-Boot DFU implementation does not bind the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command, allowing an attacker to write beyond the heap-allocated request buffer through the maliciously crafted USB DFU download setup packet with a wLength greater than 4096 bytes
| CPE | Name | Operator | Version |
|---|---|---|---|
| u-boot:sid | eq | 2020.10+dfsg-1+b1 | |
| u-boot:sid | eq | 2020.10+dfsg-1+b1 |
Related
prion
prion
Cross site request forgery (csrf)
2022-09-23 13:15:00
alpinelinux
alpinelinux
CVE-2022-2347
2022-09-23 13:15:10
debiancve
debiancve
CVE-2022-2347
2022-09-23 13:15:10
cve
cve
CVE-2022-2347
2022-09-23 13:15:10
cvelist
cvelist
CVE-2022-2347 Unchecked Download size in Uboot
2022-07-07 00:00:00
osv
osv
CVE-2022-2347
2022-09-23 13:15:10
u-boot-nezha vulnerability
2023-11-29 13:41:02
u-boot vulnerabilities
2022-12-06 12:54:01
ubuntucve
ubuntucve
CVE-2022-2347
2022-09-23 00:00:00
nvd
nvd
CVE-2022-2347
2022-09-23 13:15:10
ubuntu
ubuntu
u-boot-nezha vulnerability
2023-11-29 00:00:00
U-Boot vulnerabilities
2022-12-06 00:00:00
nessus
nessus
Ubuntu 22.04 LTS / 23.04 : u-boot-nezha vulnerability (USN-6523-1)
2023-11-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6523-1)
2023-11-30 00:00:00
Ubuntu: Security Advisory (USN-5764-1)
2022-12-07 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0329
2023-02-08 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0528
2023-02-08 00:00:00