In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis.
References
Configurations
History
07 Nov 2023, 03:26
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-01-29 19:15
Updated : 2024-02-28 17:28
NVD link : CVE-2020-8432
Mitre link : CVE-2020-8432
CVE.ORG link : CVE-2020-8432
JSON object : View
Products Affected
opensuse
- leap
denx
- u-boot