Skip to main content

U Boot CVE-2022-30552

MEDIUM
Classic Buffer Overflow (CWE-120)
2022-06-08 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 08, 2022 - 13:15 cve.org
MEDIUM 5.5

DescriptionCVE.org

Das U-Boot 2022.01 has a Buffer Overflow.

AnalysisAI

Das U-Boot 2022.01 has a Buffer Overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. Affected products include: Denx U-Boot.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

More in U Boot

View all
CVE-2022-34835 CRITICAL POC
9.8 Jun 30

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md"

CVE-2022-30790 HIGH POC
7.8 Jun 08

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. Rated high severity (CVSS 7.8), this vu

CVE-2020-10648 HIGH POC
7.8 Mar 19

Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images

CVE-2022-30767 CRITICAL POC
9.8 May 16

nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a fai

CVE-2018-18439 CRITICAL POC
9.8 Nov 20

DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer overflow via a malicious TFTP server because TFTP traf

CVE-2022-2347 HIGH POC
7.7 Sep 23

There exists an unchecked length field in UBoot. Rated high severity (CVSS 7.7), this vulnerability is no authentication

CVE-2019-14199 CRITICAL
9.8 Jul 31

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotel

CVE-2019-14193 CRITICAL
9.8 Jul 31

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotel

CVE-2019-14203 CRITICAL
9.8 Jul 31

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotel

CVE-2019-14202 CRITICAL
9.8 Jul 31

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotel

CVE-2019-14201 CRITICAL
9.8 Jul 31

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotel

CVE-2019-14200 CRITICAL
9.8 Jul 31

An issue was discovered in Das U-Boot through 2019.07. Rated critical severity (CVSS 9.8), this vulnerability is remotel

Share

CVE-2022-30552 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy