CVE-2017-3226

Name of the Vulnerable Software and Affected Versions: Das U-Boot (affected versions not specified)

Description: The issue concerns Das U-Boot's AES-CBC encryption feature, specifically when environment encryption is enabled. An attacker with physical access to the device can manipulate encrypted environment data to trigger an error in environment variable parsing. This error is improperly handled, leading to process termination with a debugging message.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.