CVE-2019-14197Out-of-bounds Read in U-boot

CWE-125Out-of-bounds Read5 documents5 sources
Severity
9.1CRITICALNVD
EPSS
0.5%
top 34.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Denx U-bootDebian U-bootMsrc Azl3 Qemu 8.2.0-16 ON Azure Linux 3.0+1 more
Timeline
PublishedJul 31
Latest updateMay 24

Description

An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages5 packages

debiandebian/u-boot< u-boot 2020.01+dfsg-1 (bookworm)
Debiandenx/u-boot< 2020.01+dfsg-1+3
NVDdenx/u-boot2019.07

🔴Vulnerability Details

2
GHSA
GHSA-59rm-h66v-qr84: An issue was discovered in Das U-Boot through 20192022-05-24
OSV
CVE-2019-14197: An issue was discovered in Das U-Boot through 20192019-07-31

📋Vendor Advisories

2
Microsoft
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.2019-07-09
Debian
CVE-2019-14197: u-boot - An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of...2019