Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2022-33103

Published: 1 July 2022

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
u-boot
Launchpad, Ubuntu, Debian
bionic
Released (2020.10+dfsg-1ubuntu0~18.04.3)
focal
Released (2021.01+dfsg-3ubuntu0~20.04.5)
impish Ignored
(reached end-of-life)
jammy
Released (2022.01+dfsg-2ubuntu2.3)
kinetic Not vulnerable
(2022.07+dfsg-1ubuntu4)
trusty Does not exist

upstream Needs triage

xenial Needs triage

Patches:
upstream: https://github.com/u-boot/u-boot/commit/2ac0baab4aff1a0b45067d0b62f00c15f4e86856