CVE-2022-33967: Out-of-bounds Write in U-Boot

Severity
7.8 HIGH (NVD)
OSV: 7.1
EPSS: 0.1% (top 70.05%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jul 20
Latest update: Dec 6

Description

The squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (7 packages)

debian: debian/u-boot, < u-boot 2022.07+dfsg-1 (bookworm)
Debian: denx/u-boot, < 2021.01+dfsg-5+deb11u1 (+3)
Ubuntu: denx/u-boot, < 2020.10+dfsg-1ubuntu0~18.04.3 (+2)
NVD: denx/u-boot, 6 versions (+5)
CVEListV5: denx_software_engineering/u-boot, versions from v2020.10-rc2 to v2022.07-rc5

Patches

🔴 Vulnerability Details (3)

OSV: u-boot vulnerabilities (2022-12-06)
GHSA: GHSA-m6jw-rg4f-jw25: squashfs filesystem implementation of U-Boot versions from v2020... (2022-07-21)
OSV: CVE-2022-33967: squashfs filesystem implementation of U-Boot versions from v2020... (2022-07-20)

📋 Vendor Advisories (3)

Ubuntu: U-Boot vulnerabilities (2022-12-06)
Microsoft: squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a s... (2022-07-12)
Debian: CVE-2022-33967: u-boot - squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022... (2022)