Your submission was sent successfully! Close

CVE-2018-1000205

Published: 26 June 2018

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

Priority

Negligible

CVSS 3 base score: 5.5

Status

Package Release Status
u-boot
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(2019.07+dfsg-1ubuntu4~18.04.1)
cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Not vulnerable
(2019.07+dfsg-1ubuntu6)
groovy Not vulnerable
(2020.04+dfsg-2ubuntu1)
hirsute Not vulnerable
(2020.04+dfsg-2ubuntu1)
impish Not vulnerable
(2020.04+dfsg-2ubuntu1)
jammy Not vulnerable
(2020.04+dfsg-2ubuntu1)
precise Does not exist

trusty Does not exist
(trusty was needed)
upstream Needs triage

xenial Needed