CVE-2022-33103
Description
Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.063
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| A boot loader for embedded systems (USN-5764-1) u-boot-qemu_2022.01+dfsg-2ubuntu2.3_all.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-qemu_2022.07+dfsg-1ubuntu4.2_all.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-qemu_2020.10+dfsg-1ubuntu0~18.04.3_all.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-qemu_2021.01+dfsg-3ubuntu0~20.04.5_all.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-tools_2022.01+dfsg-2ubuntu2.3_amd64.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-tools_2022.07+dfsg-1ubuntu4.2_amd64.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_i386.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_amd64.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-tools_2021.01+dfsg-3ubuntu0~20.04.5_amd64.deb | Linux |
| SUSE-SU-2022:2868-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) u-boot-tools-debuginfo-2021.01-150300.7.18.1.x86_64.rpm | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-qemu_2022.07+dfsg-1ubuntu4.2_all.deb | Linux |
| A boot loader for embedded systems (USN-5764-1) u-boot-tools_2022.07+dfsg-1ubuntu4.2_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234