u-boot (SUSE:Enterprise Storage 5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Enterprise Storage 5 package u-boot, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (17)
CVE-2019-14203 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function…
CVE-2019-14299 — CVSS 9.8 (critical): Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account…
CVE-2019-14204 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function…
CVE-2019-14192 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a…
CVE-2019-14193 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in…
CVE-2019-14194 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when…
CVE-2019-14195 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the…
CVE-2019-14196 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.
CVE-2019-11059 — CVSS 9.8 (critical): Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.
CVE-2019-14198 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when…
CVE-2019-14200 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function…
CVE-2019-14201 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function…
CVE-2019-14202 — CVSS 9.8 (critical): An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function…
CVE-2019-14197 — CVSS 9.1 (critical): An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply.
CVE-2020-10648 — CVSS 7.8 (high): Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a…
CVE-2019-13103 — CVSS 7.1 (high): A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the…
CVE-2019-11690 — CVSS 5.9 (medium): gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in…