Vulnerability Details CVE-2022-33103
Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- https://lore.kernel.org/all/20220609140206.297405-1-miquel.raynal%40bootlin.com/
- https://lore.kernel.org/all/CALO=DHFB+yBoXxVr5KcsK0iFdg+e7ywko4-e+72kjbcS8JBfPw%40mail.gmail.com/
- https://lore.kernel.org/all/20220609140206.297405-1-miquel.raynal%40bootlin.com/
- https://lore.kernel.org/all/CALO=DHFB+yBoXxVr5KcsK0iFdg+e7ywko4-e+72kjbcS8JBfPw%40mail.gmail.com/
Products affected by CVE-2022-33103
-
cpe:2.3:a:denx:u-boot:2020.10
-
cpe:2.3:a:denx:u-boot:2021.01
-
cpe:2.3:a:denx:u-boot:2021.04
-
cpe:2.3:a:denx:u-boot:2022.01
-
cpe:2.3:a:denx:u-boot:2022.04
-
cpe:2.3:a:denx:u-boot:2022.07