ID
VAR-E-201811-0063
CVE
| cve_id: | CVE-2018-18440 | Trust: 0.3 |
| cve_id: | CVE-2018-18439 | Trust: 0.3 |
sources:
BID: 105852
TITLE
Das U-Boot Multiple Local Arbitrary Code Execution Vulnerabilities
Trust: 0.3
sources:
BID: 105852
DESCRIPTION
Das U-Boot is prone to multiple local arbitrary code-execution vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the U-Boot instance. Failed exploit attempts will likely cause a denial-of-service condition.
Trust: 0.3
sources:
BID: 105852
AFFECTED PRODUCTS
| vendor: | u boot | model: | das u-boot | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 105852
EXPLOIT
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Trust: 0.3
sources:
BID: 105852
PRICE
Free
Trust: 0.3
sources:
BID: 105852
TYPE
Unknown
Trust: 0.3
sources:
BID: 105852
CREDITS
Inverse Path team at F-Secure, in collaboration with Quarkslab.
Trust: 0.3
sources:
BID: 105852
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-18440 | Trust: 0.3 |
| db: | NVD | id: | CVE-2018-18439 | Trust: 0.3 |
| db: | BID | id: | 105852 | Trust: 0.3 |
sources:
BID: 105852
REFERENCES
| url: | https://seclists.org/oss-sec/2018/q4/125 | Trust: 0.3 |
| url: | https://www.denx.de/wiki/u-boot/webhome | Trust: 0.3 |
| url: | https://github.com/inversepath/usbarmory/blob/master/software/secure_boot/security_advisory-ref_ipvr2018-0001.txt | Trust: 0.3 |
sources:
BID: 105852
SOURCES
| db: | BID | id: | 105852 |
LAST UPDATE DATE
2022-07-27T09:24:09.535000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 105852 | date: | 2018-11-02T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 105852 | date: | 2018-11-02T00:00:00 |