CVE-2022-30790

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
denxu-boot
2022.01
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
u-boot
bullseye
no-dsa
buster
no-dsa
stretch
no-dsa
bookworm
2023.01+dfsg-2+deb12u1
fixed
sid
2024.01+dfsg-5
fixed
trixie
2024.01+dfsg-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
u-boot
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
Fixed 2022.01+dfsg-2ubuntu2.3
released
impish
ignored
focal
Fixed 2021.01+dfsg-3ubuntu0~20.04.5
released
bionic
Fixed 2020.10+dfsg-1ubuntu0~18.04.3
released
xenial
needs-triage
u-boot-nezha
noble
needed
mantic
ignored
lunar
Fixed 2022.10-1089-g528ae9bc6c-0ubuntu1.23.04.2
released
kinetic
ignored
jammy
Fixed 2022.04+git20220405.7446a472-0ubuntu0.4
released
focal
dne
bionic
dne
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
https://github.com/u-boot/u-boot/tags
https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/
https://github.com/u-boot/u-boot/tags
https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/