It was discovered that U-Boot incorrectly handled certain USB DFU download
setup packets. A local attacker could use this issue to cause U-Boot to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2022-2347)
Nicolas Bidron and Nicolas Guigo discovered that U-Boot incorrectly handled
certain fragmented IP packets. A local attacker could use this issue to
cause U-Boot to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu
20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-30552, CVE-2022-30790)
It was discovered that U-Boot incorrectly handled certain NFS lookup
replies. A remote attacker could use this issue to cause U-Boot to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-30767)
Jincheng Wang discovered that U-Boot incorrectly handled certain SquashFS
structures. A local attacker could use this issue to cause U-Boot to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-33103)
Tatsuhiko Yasumatsu discovered that U-Boot incorrectly handled certain
SquashFS structures. A local attacker could use this issue to cause U-Boot
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-33967)
It was discovered that U-Boot incorrectly handled the i2c command. A local
attacker could use this issue to cause U-Boot to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-34835)
More Stories
chromium-135.0.7049.52-2.fc40
FEDORA-2025-609ed3aaa7 Packages in this update: chromium-135.0.7049.52-2.fc40 Update description: Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067:...
chromium-135.0.7049.52-1.fc41
FEDORA-2025-98dd4c4639 Packages in this update: chromium-135.0.7049.52-1.fc41 Update description: Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067:...
chromium-135.0.7049.52-2.el9
FEDORA-EPEL-2025-eb7e3d90f5 Packages in this update: chromium-135.0.7049.52-2.el9 Update description: Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067:...
chromium-135.0.7049.52-2.fc42
FEDORA-2025-c4a9f54d14 Packages in this update: chromium-135.0.7049.52-2.fc42 Update description: Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067:...
USN-7413-1: Linux kernel (IoT) vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...
USN-7406-4: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...