Описание
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.
Ссылки
- Mailing ListPatchVendor Advisory
- Mailing ListMitigationVendor Advisory
- Mailing ListPatchVendor Advisory
- Mailing ListMitigationVendor Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.
U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ...
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.
EPSS
5.5 Medium
CVSS3
4.3 Medium
CVSS2