PT-2018-9373 · Denx+1 · U-Boot+1
Teddy Reed
·
Publicado
2018-06-26
·
Atualizado
2020-10-22
·
CVE-2018-1000205
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
U-Boot (affected versions not specified)
Description
The issue is related to improper input validation in Verified boot signature validation, which can lead to bypassing verified boot. This can be exploited through specially crafted FIT images and specific device memory functionality.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
U-Boot