File _patchinfo of Package patchinfo.16979

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.16979

<patchinfo incident="16979">
  <issue tracker="bnc" id="1143821">VUL-0: CVE-2019-14197: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.</issue>
  <issue tracker="bnc" id="1167209">VUL-0: CVE-2020-10648: u-boot: verified boot improper signature verification</issue>
  <issue tracker="bnc" id="1143830">VUL-0: CVE-2019-14203: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.</issue>
  <issue tracker="bnc" id="1098447">[RPi3][RC2] u-boot GOP implementation specifies the wrong pixel format</issue>
  <issue tracker="bnc" id="1098649">[RPi3] Raspberry Pi 3 Model B+ DHCP boot fails</issue>
  <issue tracker="bnc" id="1143824">VUL-0: CVE-2019-14199: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.</issue>
  <issue tracker="bnc" id="1143831">VUL-0: CVE-2019-14204: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply.</issue>
  <issue tracker="bnc" id="1143825">VUL-0: CVE-2019-14200: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.</issue>
  <issue tracker="bnc" id="1162198">VUL-0: CVE-2020-8432: u-boot: double free in the cmd/gpt.c do_rename_gpt_parts() function, allowing an attacker to execute arbitrary code</issue>
  <issue tracker="bnc" id="1143823">VUL-0: CVE-2019-14198: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.</issue>
  <issue tracker="bnc" id="1143817">VUL-0: CVE-2019-14193: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.</issue>
  <issue tracker="bnc" id="1134853">VUL-1: CVE-2019-11059: u-boot: mishandling the ext4 64-bit extension, resulting in a buffer overflow</issue>
  <issue tracker="bnc" id="1143777">VUL-0: CVE-2019-14192: u-boot: integer underflow due to unbounded memcpy when parsing a UDP packet</issue>
  <issue tracker="bnc" id="1143819">VUL-0: CVE-2019-14195: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.</issue>
  <issue tracker="bnc" id="1143820">VUL-0: CVE-2019-14196: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.</issue>
  <issue tracker="bnc" id="1143463">VUL-1: CVE-2019-13103: u-boot,u-boot-rpi3: A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually crash or overwrite data</issue>
  <issue tracker="bnc" id="1134157">VUL-1: CVE-2019-11690: u-boot: missing srand call which allows attackers to determine UUID</issue>
  <issue tracker="bnc" id="1143818">VUL-0: CVE-2019-14194: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.</issue>
  <issue tracker="bnc" id="1143827">VUL-0: CVE-2019-14201: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.</issue>
  <issue tracker="bnc" id="1143828">VUL-0: CVE-2019-14202: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply.</issue>
  <issue tracker="cve" id="2019-14196"/>
  <issue tracker="cve" id="2019-14199"/>
  <issue tracker="cve" id="2019-11059"/>
  <issue tracker="cve" id="2019-14194"/>
  <issue tracker="cve" id="2019-14195"/>
  <issue tracker="cve" id="2020-10648"/>
  <issue tracker="cve" id="2019-14197"/>
  <issue tracker="cve" id="2019-14193"/>
  <issue tracker="cve" id="2019-14198"/>
  <issue tracker="cve" id="2019-14192"/>
  <issue tracker="cve" id="2019-14201"/>
  <issue tracker="cve" id="2019-14204"/>
  <issue tracker="cve" id="2019-14202"/>
  <issue tracker="cve" id="2019-13103"/>
  <issue tracker="cve" id="2019-14200"/>
  <issue tracker="cve" id="2019-11690"/>
  <issue tracker="cve" id="2019-14203"/>
  <issue tracker="cve" id="2020-8432"/>
  <packager>mbrugger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for u-boot</summary>
  <description>This update for u-boot fixes the following issues:

- Fix network boot on Raspberry Pi 3 B+ (bsc#1098649)
- Fix GOP pixel format (bsc#1098447)
- Fix SD writes on Raspberry Pi
- Enable a few more armv7 boards to boot with EFI
- Fix potentially miscompiled runtime service calls

Fix CVE-2019-14192 (bsc#1143777), CVE-2019-14193 (bsc#1143817), 
CVE-2019-14199 (bsc#1143824), CVE-2019-14197 (bsc#1143821), 
CVE-2019-14200 (bsc#1143825), CVE-2019-14201 (bsc#1143827),  
CVE-2019-14202 (bsc#1143828), CVE-2019-14203 (bsc#1143830), 
CVE-2019-14204 (bsc#1143831), CVE-2019-14194 (bsc#1143818), 
CVE-2019-14198 (bsc#1143823), CVE-2019-14195 (bsc#1143819), 
CVE-2019-14196 (bsc#1143820), CVE-2019-13103 (bsc#1143463), 
CVE-2020-8432 (bsc#1162198), CVE-2019-11059 (bsc#1134853), 
CVE-2019-11690 (bsc#1134157) and CVE-2020-10648 (bsc#1167209) 
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.16979

Places