PT-2022-2809 · Unknown · Das U-Boot

Published 2022-04-07 · Updated 2025-05-01 · CVE-2022-30552

CVSS v2.0: 6.8 (Medium)

Vector: AV:A/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions

Das U-Boot version 2022.01

Description

The issue is a buffer overflow in the IP packet defragmentation code of the U-Boot bootloader for Linux-based embedded operating systems, which is enabled by the CONFIG_IP_DEFRAG option. A remote attacker can trigger the overflow with a specially crafted fragmented IP datagram, potentially leading to a denial of service.

Recommendations

For Das U-Boot version 2022.01, consider disabling CONFIG_IP_DEFRAG as a temporary workaround to minimize the risk of exploitation until a patch is available.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2022-1646
BDU:2022-03346
CVE-2022-30552
DLA-4150-1
OPENSUSE-SU-2022_2053-1
OPENSUSE-SU-2022_2056-1
SUSE-SU-2022:2052-1
SUSE-SU-2022:2053-1
SUSE-SU-2022:2054-1
SUSE-SU-2022:2055-1
SUSE-SU-2022:2056-1
SUSE-SU-2022:2057-1
SUSE-SU-2022:2058-1
SUSE-SU-2022:2584-1
USN-5764-1
USN-6523-1

Affected Products

Alt Linux
Das U-Boot
Debian
Linuxmint
Suse
Ubuntu