📦 U Boot

by Denx

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2022-34835

CRITICAL CVSS 9.8 Jun 30, 2022

CVE-2022-34835 is a critical stack-based buffer overflow vulnerability in Das U-Boot bootloader's 'i2c md' command. An attacker with access to the bootloader console can exploit this to execute arbitr...

CVE-2022-30767

CRITICAL CVSS 9.8 May 16, 2022

This vulnerability is a buffer overflow in Das U-Boot's NFS client implementation that allows remote code execution. It affects systems using U-Boot with NFS support enabled, particularly embedded dev...

CVE-2025-24857

HIGH CVSS 7.6 Dec 10, 2025

This vulnerability allows attackers to bypass access controls in U-Boot bootloader's volatile memory, potentially executing arbitrary code during system boot. It affects devices using U-Boot versions ...

CVE-2024-57254

HIGH CVSS 7.1 Feb 18, 2025

An integer overflow vulnerability in Das U-Boot's squashfs filesystem parser allows attackers to cause memory corruption via specially crafted symlink entries. This affects systems using U-Boot bootlo...

CVE-2024-57255

HIGH CVSS 7.1 Feb 18, 2025

This CVE describes an integer overflow vulnerability in Das U-Boot's squashfs filesystem handling. When processing a specially crafted squashfs filesystem with a specific inode size, it causes a zero-...

CVE-2024-57258

HIGH CVSS 7.1 Feb 18, 2025

Integer overflow vulnerabilities in Das U-Boot's memory allocation functions allow attackers to cause heap corruption via specially crafted squashfs filesystems. This affects systems using U-Boot boot...

CVE-2024-57259

HIGH CVSS 7.1 Feb 18, 2025

An off-by-one error in Das U-Boot's squashfs directory listing function (sqfs_search_dir) causes heap memory corruption when processing paths. This vulnerability affects systems using Das U-Boot bootl...

CVE-2025-45512

MEDIUM CVSS 6.5 Aug 5, 2025

This vulnerability in U-Boot v1.1.3 allows attackers to bypass signature verification during firmware updates, enabling installation of malicious firmware that can execute arbitrary code. It affects s...