It was discovered that U-Boot incorrectly handled certain USB DFU download
setup packets. A local attacker could use this issue to cause U-Boot to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-2347)
Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled
certain fragmented IP packets. A local attacker could use this issue to
cause U-Boot to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu
20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-30552, CVE-2022-30790)
It was discovered that U-Boot incorrectly handled certain NFS lookup
replies. A remote attacker could use this issue to cause U-Boot to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-30767)
Jincheng Wang discovered that U-Boot incorrectly handled certain SquashFS
structures. A local attacker could use this issue to cause U-Boot to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-33103)
Tatsuhiko Yasumatsu discovered that U-Boot incorrectly handled certain
SquashFS structures. A local attacker could use this issue to cause U-Boot
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-33967)
It was discovered that U-Boot incorrectly handled the i2c command. A local
attacker could use this issue to cause U-Boot to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-34835)
More Stories
USN-7439-1: QuickJS vulnerabilities
It was discovered that QuickJS could be forced to reference uninitialized memory in certain instances. An attacker could possibly use...
USN-7438-1: 7-Zip vulnerabilities
Igor Pavlov discovered that 7-Zip had several memory-related issues. An attacker could possibly use these issues to cause 7-Zip to...
mingw-libsoup-2.74.3-10.fc41
FEDORA-2025-8d023de6cb Packages in this update: mingw-libsoup-2.74.3-10.fc41 Update description: Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32909 Read More
mingw-libsoup-2.74.3-10.fc42
FEDORA-2025-4d3d9c564d Packages in this update: mingw-libsoup-2.74.3-10.fc42 Update description: Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32909 Read More
mingw-libsoup-2.74.3-10.fc40
FEDORA-2025-df1ce151e4 Packages in this update: mingw-libsoup-2.74.3-10.fc40 Update description: Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32909 Read More
giflib-5.2.2-6.fc40
FEDORA-2025-7d0fc65561 Packages in this update: giflib-5.2.2-6.fc40 Update description: Backport proposed fix for CVE-2025-31344 from OpenMandriva. Read More