Описание
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2020.10+dfsg-1ubuntu0~18.04.2 |
| devel | not-affected | 2020.04+dfsg-2ubuntu1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 2020.10+dfsg-1ubuntu0~18.04.2 |
| esm-infra/focal | released | 2021.01+dfsg-3ubuntu0~20.04.3 |
| esm-infra/xenial | needed | |
| focal | released | 2021.01+dfsg-3ubuntu0~20.04.3 |
| groovy | not-affected | 2020.04+dfsg-2ubuntu1 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
An issue was discovered in Das U-Boot through 2019.07. There is an unb ...
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
Уязвимость функции nfs_read_reply компонента net/nfs.c загрузчика U-Boot, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
7.5 High
CVSS2
9.8 Critical
CVSS3