u-boot · threatengine.sh

CVE-2026-33243

>= 2013.07 and < 2026.04

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 (and the corresponding backport to 2025.09.

8.2HIGH

CVE-2025-24857

< 2017.11

Improper access control for volatile memory containing boot code in Universal Boot Loader (U-Boot) before 2017.11 and Qualcomm chi

7.6HIGH

CVE-2025-45512

all versions

A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to ins

6.5MEDIUM

CVE-2024-57259

<= 2024.10

sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs di

7.1HIGH

CVE-2024-57258

<= 2024.10

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via requ

7.1HIGH

CVE-2024-57257

<= 2024.10

A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink

2.0LOW

CVE-2024-57256

<= 2024.10

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via

7.1HIGH

CVE-2024-57255

<= 2024.10

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inod

7.1HIGH

CVE-2024-57254

<= 2024.10

An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squas

7.1HIGH

CVE-2024-42040

<= 2025.10

Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any plat

8.1HIGH

CVE-2022-2347

>= 2012.10 and <= 2022.07

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download

7.7HIGH

CVE-2022-33967

all versions

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vuln

7.8HIGH

CVE-2022-33103

>= 2020.10 and < 2022.07

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

7.8HIGH

CVE-2022-34835

< 2022.07

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command e

9.8CRITICAL

CVE-2022-30790

all versions

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.

7.8HIGH

CVE-2022-30552

all versions

Das U-Boot 2022.01 has a Buffer Overflow.

5.5MEDIUM

CVE-2022-30767

<= 2022.04

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length

9.8CRITICAL

CVE-2021-27138

<= 2021.01

The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.

7.8HIGH

CVE-2021-27097

<= 2021.01

The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT.

7.8HIGH

CVE-2020-10648

< 2018.03

Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providi

7.8HIGH

CVE-2020-8432

<= 2020.01

In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may re

9.8CRITICAL

CVE-2019-13106

>= 2016.09 and <= 2019.04

Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results

7.8HIGH

CVE-2019-13105

all versions

Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 fi

7.8HIGH

CVE-2019-13104

>= 2016.09 and <= 2019.04

In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (

7.8HIGH

CVE-2019-14204

<= 2019.07