Your submission was sent successfully! Close

CVE-2020-10648

Published: 19 March 2020

Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration.

Priority

Low

CVSS 3 base score: 7.8

Status

Package Release Status
u-boot
Launchpad, Ubuntu, Debian 		bionic
Released (2020.10+dfsg-1ubuntu0~18.04.2)
eoan Ignored
(reached end-of-life)
focal
Released (2021.01+dfsg-3ubuntu0~20.04.3)
groovy Not vulnerable
(2020.04+dfsg-2ubuntu1)
hirsute Not vulnerable
(2020.04+dfsg-2ubuntu1)
impish Not vulnerable
(2020.04+dfsg-2ubuntu1)
jammy Not vulnerable
(2020.04+dfsg-2ubuntu1)
precise Does not exist

trusty Does not exist

upstream
Released (2020.04+dfsg-1)
xenial Needed

Patches:
other: https://lists.denx.de/pipermail/u-boot/2020-March/403409.html
upstream: https://github.com/u-boot/u-boot/commit/390b26dc270aa3159df0c31775f91cd374a3dd3a
upstream: https://github.com/u-boot/u-boot/commit/382cf62039f775a1aec771645e3cbc32e1e2f0e3
upstream: https://github.com/u-boot/u-boot/commit/472f9113dbbbed88345f3d38de3ff37ca163508e
upstream: https://github.com/u-boot/u-boot/commit/477f559edf1144f95e29173d290818250aa57ef8
upstream: https://github.com/u-boot/u-boot/commit/c021971e132234667eb80bc29bdd4ad6c8d04458
upstream: https://github.com/u-boot/u-boot/commit/1b090032029b35080a5a87c9f1047882d894ab37
upstream: https://github.com/u-boot/u-boot/commit/67acad3db71bb372458fbb8a77749f5eb88aa324
upstream: https://github.com/u-boot/u-boot/commit/67acad3db71bb372458fbb8a77749f5eb88aa324
upstream: https://github.com/u-boot/u-boot/commit/8a9d03732e6d0f68107c80919096e7cf956dcb3d
upstream: https://github.com/u-boot/u-boot/commit/c3aa81e35cc53fcd825e89510cd648288e0b6b92
upstream: https://github.com/u-boot/u-boot/commit/3156ee35a3f11e578442ec7f2f3b96179cb07c94
upstream: https://github.com/u-boot/u-boot/commit/b008677daf2a9dc0335260c7c4e24390487fe0ca
upstream: https://github.com/u-boot/u-boot/commit/72188f546291cfadea99e9383c133d6aaa37d87d
upstream: https://github.com/u-boot/u-boot/commit/da76ed2795f2679ff0fa3c43f2b906157ec7c0b0
upstream: https://github.com/u-boot/u-boot/commit/0e29648f8e7e0aa60c0f7efe9d2efed98f8c0c6e

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading