Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1000205

Опубликовано: 26 июн. 2018
Источник: ubuntu
Приоритет: negligible
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.5

Описание

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

2019.07+dfsg-1ubuntu4~18.04.1
cosmic

ignored

end of life
devel

not-affected

2020.04+dfsg-2ubuntu1
disco

ignored

end of life
eoan

ignored

end of life
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/bionic

not-affected

2019.07+dfsg-1ubuntu4~18.04.1
esm-infra/focal

not-affected

2019.07+dfsg-1ubuntu6
esm-infra/xenial

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 40%
0.00182
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-1000205

CVSS3: 5.5
nvd
больше 7 лет назад

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

debian логотип

CVE-2018-1000205

CVSS3: 5.5
debian
больше 7 лет назад

U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ...

github логотип

GHSA-8frp-j862-qcw3

CVSS3: 5.5
github
больше 3 лет назад

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

EPSS

Процентиль: 40%
0.00182
Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3