CVE-2019-13104 — Integer Underflow (Wrap or Wraparound) in U-boot

CWE-191 — Integer Underflow (Wrap or Wraparound)CWE-787 — Out-of-bounds Write CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.3%

top 47.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Denx U-boot Debian U-boot Opensuse Leap

Timeline

PublishedAug 6

Latest updateMay 24

Description

In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/u-boot< u-boot 2020.01+dfsg-1 (bookworm)

▶Debiandenx/u-boot< 2020.01+dfsg-1+3

▶NVDdenx/u-boot2016.09 — 2019.04+1

▶NVDopensuse/leap15.0, 15.1+1

Patches

Patch: github.com ↗Patch: lists.denx.de ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-rf5j-jvr6-2g8r: In Das U-Boot versions 2016↗2022-05-24

▶

OSV

CVE-2019-13104: In Das U-Boot versions 2016↗2019-08-06

▶

📋Vendor Advisories

Debian

CVE-2019-13104: u-boot - In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause m...↗2019

▶