Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices
The flaws, reported by NCC Group, are in the IP defragmentation algorithm implemented in U-Boot and could be used to achieve an arbitrary out-of-bounds write and denial of service (DoS).
U-Boot is a boot loader used in Linux-based embedded systems such as ChromeOS, as well as ebook readers such as Amazon Kindle and Kobo eReader.
Two unpatched security vulnerabilities in the open-source U-Boot boot loader have been discovered by security experts.
The issues are listed below:
- CVE-2022-30790 (CVSS score: 9.6) - In U-Boot IP packet defragmentation, a Hole Descriptor overwrite leads to an arbitrary out-of-bounds write primitive.
- CVE-2022-30552 (CVSS score: 7.1) - In the U-Boot IP packet defragmentation algorithm, a large buffer overflow leads to a DoS.
It's worth mentioning that both weaknesses can only be exploited from within the local network. However, by crafting a malformed packet, an attacker can root the devices and cause a DoS.
U-Boot maintainers are expected to remedy the flaws in an upcoming patch, after which users are advised to update to the latest version.
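Both issues sit in fragment reassembly, where length and offset fields come straight from the network. The following C is an added example, not U-Boot's code or its patch: it shows the checks a defragmenter needs before copying a fragment, with coverage tracked in a bitmap kept outside the payload buffer so packet data cannot overwrite reassembly metadata. `reasm_add`, the struct layouts and the 2048-byte buffer size are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define IP_HDR_MIN 20u               /* minimum IPv4 header length in bytes */
#define REASM_MAX  2048u             /* assumed reassembly buffer size */
#define BLOCKS     (REASM_MAX / 8u)  /* fragment offsets count 8-byte blocks */
enum frag_rc { FRAG_REJECT = -1, FRAG_STORED = 0, FRAG_DONE = 1 };

/* Hypothetical state: coverage lives in a bitmap outside the payload buffer,
 * so fragment data can never overwrite the reassembly bookkeeping. */
struct reasm {
    uint8_t data[REASM_MAX];
    uint8_t seen[BLOCKS / 8u];
    size_t  high, total;             /* highest byte stored; size once MF=0 seen */
};
/* Constructed view of one fragment; fields are in host byte order. */
struct frag {
    size_t hdr_len, total_len;       /* IHL * 4 and the IPv4 total length */
    uint16_t off8;                   /* fragment offset in 8-byte units */
    int more;                        /* MF flag */
    const uint8_t *pkt;              /* start of the IP header */
    size_t cap_len;                  /* bytes actually received */
};

enum frag_rc reasm_add(struct reasm *r, const struct frag *f)
{
    /* total_len <= hdr_len would give a zero or wrapped payload length */
    if (f->hdr_len < IP_HDR_MIN || f->total_len <= f->hdr_len ||
        f->total_len > f->cap_len)
        return FRAG_REJECT;
    size_t len = f->total_len - f->hdr_len;
    size_t off = (size_t)(f->off8 & 0x1fffu) * 8u;
    if (f->more && len % 8u != 0)    /* only the last fragment may be ragged */
        return FRAG_REJECT;
    if (off >= REASM_MAX || len > REASM_MAX - off)  /* overflow-safe range check */
        return FRAG_REJECT;
    size_t end = off + len;
    if ((r->total && end > r->total) || (!f->more && end < r->high))
        return FRAG_REJECT;          /* contradicts earlier fragments */
    if (!f->more) r->total = end;
    if (end > r->high) r->high = end;
    memcpy(r->data + off, f->pkt + f->hdr_len, len);
    for (size_t b = off / 8u; b < (end + 7u) / 8u; b++)
        r->seen[b / 8u] |= (uint8_t)(1u << (b % 8u));
    for (size_t b = 0; r->total && b < (r->total + 7u) / 8u; b++)
        if (!(r->seen[b / 8u] & (1u << (b % 8u))))
            return FRAG_STORED;      /* a hole remains */
    return r->total ? FRAG_DONE : FRAG_STORED;
}
```

Every rejected case returns before `memcpy` runs, so a malformed fragment never reaches the buffer or the bitmap.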