Advisory: Buffer overread in U-Boot DHCP
19 Aug
2024
19 Aug
'24
11:30 a.m.
Hello dear U-Boot maintainers and developers,
I hope you are all doing well.
During one of our assessments we found a low impact buffer overread vulnerability in the DHCP implementation of U-Boot.
According to the policy of the project [0] the attached vulnerability advisory is hereby disclosed to the public mailing list and the according maintainers.
We will publish the advisory in the next few hours on our website as well. (see links in the advisory)
If you have any questions feel free to contact me.
Best Regards
Simon Diepold
[0]: https://docs.u-boot.org/en/latest/develop/security.html
--
Simon Diepold
Security Consultant
OSCP
SCHUTZWERK GmbH, Pfarrer-Weiß-Weg 12, 89077 Ulm, Germany
Zertifiziert / Certified ISO 27001, 9001 and TISAX
Phone +49 731 977 191 0
Mobile +49 151 431 446 67
sdiepold@schutzwerk.com / www.schutzwerk.com
Geschäftsführer / Managing Directors:
Jakob Pietzka, Michael Schäfer
Amtsgericht Ulm / HRB 727391
Datenschutz / Data Protection www.schutzwerk.com/datenschutz
263
Age (days ago)
263
Last active (days ago)
0 comments
1 participants
participants (1)
-
Simon Diepold