CVE-2022-33103

HIGH

Das U-Boot <2022.07-rc3 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

Scores

CVSS v3 7.8
EPSS 0.0045
EPSS Percentile 36.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (2)
denx/u-boot 2022.07 rc1 (3 CPE variants)
denx/u-boot 2020.10 - 2022.07
Published Jul 01, 2022
Tracked Since Feb 18, 2026