| Max CVSS | 8.3 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-13106 | 8.3 |
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.
|
03-03-2023 - 17:42 | 06-08-2019 - 20:15 | |
| CVE-2019-13104 | 6.8 |
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.
|
18-04-2022 - 16:04 | 06-08-2019 - 19:15 | |
| CVE-2020-10648 | 6.8 |
Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.
|
26-03-2021 - 14:47 | 19-03-2020 - 14:15 | |
| CVE-2019-13103 | 3.6 |
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
|
24-08-2020 - 17:37 | 29-07-2019 - 15:15 | |
| CVE-2019-13105 | 6.8 |
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem.
|
13-08-2019 - 19:40 | 06-08-2019 - 20:15 | |
| CVE-2019-11059 | 7.5 |
Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.
|
13-05-2019 - 12:20 | 10-05-2019 - 20:29 |