[Git][security-tracker-team/security-tracker][master] Add CVE-2022-30767/u-boot

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 17 06:15:33 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
915cb99a by Salvatore Bonaccorso at 2022-05-17T07:14:35+02:00
Add CVE-2022-30767/u-boot

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -496,7 +496,13 @@ CVE-2022-30769
 CVE-2022-30768
 	RESERVED
 CVE-2022-30767 (nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and throu ...)
-	TODO: check
+	- u-boot <unfixed>
+	[bullseye] - u-boot <ignored> (Minor issue)
+	[buster] - u-boot <not-affected> (Incorrect fix for CVE-2019-14196 not applied)
+	NOTE: Introduced by: https://github.com/u-boot/u-boot/commit/5d14ee4e53a81055d34ba280cb8fd90330f22a96 (v2019.10-rc4)
+	NOTE: https://lists.denx.de/pipermail/u-boot/2022-May/483952.html
+	NOTE: https://securitylab.github.com/research/uboot-rce-nfs-vulnerability/
+	NOTE: Issue exists because of an incorrect fix for CVE-2019-14196.
 CVE-2022-30766
 	RESERVED
 CVE-2022-30765 (Calibre-Web before 0.6.18 allows user table SQL Injection. ...)
@@ -195651,6 +195657,8 @@ CVE-2019-14196 (An issue was discovered in Das U-Boot through 2019.07. There is
 	[jessie] - u-boot <no-dsa> (Minor issue)
 	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
 	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/5d14ee4e53a81055d34ba280cb8fd90330f22a96
+	NOTE: Fixing this issue with the original upstream commit introduces CVE-2022-30767 due to
+	NOTE: an incorrect fix.
 CVE-2019-14195 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
 	- u-boot 2020.01+dfsg-1
 	[buster] - u-boot <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/915cb99a5b30f70ec7f0edf1c06c5a2d28bc807e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/915cb99a5b30f70ec7f0edf1c06c5a2d28bc807e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220517/7649766a/attachment.htm>

More information about the debian-security-tracker-commits mailing list