RSS   Vulnerabilities for 'Barebox'   RSS

2021-08-02
 
CVE-2021-37847

NVD-CWE-noinfo
 

 
crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification.

 
2020-06-07
 
CVE-2020-13910

CWE-125
 

 
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check.

 
2019-09-05
 
CVE-2019-15938

CWE-119
 

 
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.

 
 
CVE-2019-15937

CWE-119
 

 
Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.

 

 >>> Vendor: Pengutronix 2 Products
Barebox
RAUC


Copyright 2024, cxsecurity.com

 

Back to Top