Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-11690

Опубликовано: 03 мая 2019
Источник: debian
EPSS Низкий

Описание

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
u-bootfixed2019.01+dfsg-6package
u-bootno-dsastretchpackage
u-bootignoredjessiepackage

Примечания

  • https://patchwork.ozlabs.org/patch/1092945

EPSS

Процентиль: 54%
0.00316
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-11690

CVSS3: 5.9
ubuntu
почти 7 лет назад

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.

nvd логотип

CVE-2019-11690

CVSS3: 5.9
nvd
почти 7 лет назад

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.

github логотип

GHSA-6xpg-gw5j-9x8w

CVSS3: 5.9
github
больше 3 лет назад

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.

suse-cvrf логотип

SUSE-SU-2020:3474-1

suse-cvrf
около 5 лет назад

Security update for u-boot

suse-cvrf логотип

openSUSE-SU-2020:1930-1

suse-cvrf
около 5 лет назад

Security update for u-boot

EPSS

Процентиль: 54%
0.00316
Низкий