Das U-Boot vulnerabilities
2 known vulnerabilities affecting das/u-boot.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-3226MEDIUMCVSS 6.4≥ 2017.09, < 2017.092018-07-24
CVE-2017-3226 [MEDIUM] CWE-329 CVE-2017-3226: Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Device
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical
nvd
CVE-2017-3225MEDIUMCVSS 4.6≥ 2017.09, < 2017.092018-07-24
CVE-2017-3225 [MEDIUM] CWE-329 CVE-2017-3225: Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For de
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot's AES-CBC encryption feature uses
nvd