Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
patchinfo.16977
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.16977
<patchinfo incident="16977"> <issue tracker="cve" id="2020-10648"/> <issue tracker="cve" id="2019-14198"/> <issue tracker="cve" id="2019-11059"/> <issue tracker="cve" id="2019-11690"/> <issue tracker="cve" id="2019-14195"/> <issue tracker="cve" id="2019-14201"/> <issue tracker="cve" id="2019-14200"/> <issue tracker="cve" id="2019-14203"/> <issue tracker="cve" id="2019-14196"/> <issue tracker="cve" id="2019-14192"/> <issue tracker="cve" id="2020-8432"/> <issue tracker="cve" id="2019-14204"/> <issue tracker="cve" id="2019-14202"/> <issue tracker="cve" id="2019-14194"/> <issue tracker="cve" id="2019-13103"/> <issue tracker="cve" id="2019-14197"/> <issue tracker="cve" id="2019-14193"/> <issue tracker="cve" id="2019-14199"/> <issue tracker="bnc" id="1143820">VUL-0: CVE-2019-14196: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.</issue> <issue tracker="bnc" id="1143828">VUL-0: CVE-2019-14202: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply.</issue> <issue tracker="bnc" id="1134157">VUL-1: CVE-2019-11690: u-boot: missing srand call which allows attackers to determine UUID</issue> <issue tracker="bnc" id="1143824">VUL-0: CVE-2019-14199: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.</issue> <issue tracker="bnc" id="1167209">VUL-0: CVE-2020-10648: u-boot: verified boot improper signature verification</issue> <issue tracker="bnc" id="1143817">VUL-0: CVE-2019-14193: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.</issue> <issue tracker="bnc" id="1143777">VUL-0: CVE-2019-14192: u-boot: integer underflow due to unbounded memcpy when parsing a UDP packet</issue> <issue tracker="bnc" id="1143818">VUL-0: CVE-2019-14194: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.</issue> <issue tracker="bnc" id="1143827">VUL-0: CVE-2019-14201: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.</issue> <issue tracker="bnc" id="1143463">VUL-1: CVE-2019-13103: u-boot,u-boot-rpi3: A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually crash or overwrite data</issue> <issue tracker="bnc" id="1162198">VUL-0: CVE-2020-8432: u-boot: double free in the cmd/gpt.c do_rename_gpt_parts() function, allowing an attacker to execute arbitrary code</issue> <issue tracker="bnc" id="1143823">VUL-0: CVE-2019-14198: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.</issue> <issue tracker="bnc" id="1134853">VUL-1: CVE-2019-11059: u-boot: mishandling the ext4 64-bit extension, resulting in a buffer overflow</issue> <issue tracker="bnc" id="1143831">VUL-0: CVE-2019-14204: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply.</issue> <issue tracker="bnc" id="1143821">VUL-0: CVE-2019-14197: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.</issue> <issue tracker="bnc" id="1143825">VUL-0: CVE-2019-14200: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.</issue> <issue tracker="bnc" id="1143830">VUL-0: CVE-2019-14203: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.</issue> <issue tracker="bnc" id="1143819">VUL-0: CVE-2019-14195: u-boot: An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.</issue> <packager>mbrugger</packager> <rating>important</rating> <category>security</category> <summary>Security update for u-boot</summary> <description>This update for u-boot fixes the following issues: CVE-2019-14192 (bsc#1143777), CVE-2019-14193 (bsc#1143817), CVE-2019-14199 (bsc#1143824), CVE-2019-14197 (bsc#1143821), CVE-2019-14200 (bsc#1143825), CVE-2019-14201 (bsc#1143827), CVE-2019-14202 (bsc#1143828), CVE-2019-14203 (bsc#1143830), CVE-2019-14204 (bsc#1143831), CVE-2019-14194 (bsc#1143818), CVE-2019-14198 (bsc#1143823), CVE-2019-14195 (bsc#1143819), CVE-2019-14196 (bsc#1143820), CVE-2019-13103 (bsc#1143463), CVE-2020-8432 (bsc#1162198), CVE-2019-11059 (bsc#1134853), CVE-2019-11690 (bsc#1134157) and CVE-2020-10648 (bsc#1167209) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor