CVE-2018-3968

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy image format. To trigger this vulnerability, a local attacker needs to be able to supply the image to boot.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0633

Affected packages

Git / github.com/u-boot/u-boot

Affected ranges

Type

GIT

Repo

https://github.com/u-boot/u-boot

Events

Introduced

62c175fbb8a0f9a926c88294ea9f7e88eb898f6c

Last affected

524123a70761110c5cf3ccc5f52f6d4da071b959

Introduced

Last affected

216a793cc1702227fd4ad624080f585038d1fa45

Introduced

Last affected

e6bf18dba2a21bebf2c421b1c2e188225f6485a1

Introduced

Last affected

68c517eafcb060aa8ef92ed2620f0f41c5275d89

Introduced

Last affected

3e41c54ad8099951d57c3c5a0f5ebc6e8becf70c

Introduced

Last affected

0116f40bbc269c57566d69e0db8cb9da2e194d33

Database specific

{
    "versions": [
        {
            "introduced": "2013.07"
        },
        {
            "last_affected": "2014.07"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2013.07-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2013.07-rc2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2013.07-rc3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2014.07-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2014.07-rc2"
        }
    ]
}

Affected versions

Other

LABEL_2002_11_05_0120

LABEL_2002_11_05_1735

LABEL_2002_11_10_2310

LABEL_2002_11_11_2211

LABEL_2002_11_18_0115

LABEL_2002_11_22_0015

LABEL_2002_12_03_2230

LABEL_2002_12_07_0120

LABEL_2002_12_21_0040

LABEL_2002_12_28_1700

LABEL_2003_01_11_1050

LABEL_2003_01_14_0055

LABEL_2003_02_28_0150

LABEL_2003_03_06_0050

LABEL_2003_03_06_0200

LABEL_2003_03_06_1440

LABEL_2003_03_06_2255

LABEL_2003_03_14_2150

LABEL_2003_03_25_1830

LABEL_2003_03_26_1300

LABEL_2003_03_27_1900

LABEL_2003_04_05_0300

LABEL_2003_04_15_1900

LABEL_2003_05_03_1700

LABEL_2003_05_12_2355

LABEL_2003_05_20_1630

LABEL_2003_05_20_2250

LABEL_2003_05_22_2230

LABEL_2003_05_23_0055

LABEL_2003_05_23_1450

LABEL_2003_05_30_1450

LABEL_2003_05_31_2115

LABEL_2003_06_04_0200

LABEL_2003_06_05_2140

LABEL_2003_06_16_0055

LABEL_2003_06_22_1530

LABEL_2003_06_26_2220

LABEL_2003_06_27_2340

LABEL_2003_06_29_0145

LABEL_2003_09_06_0055

LABEL_2003_09_12_0110

LABEL_2003_09_12_1745

LABEL_2003_09_13_2100

LABEL_2003_09_16_2310

LABEL_2003_09_18_2045

LABEL_2003_10_01_1830

LABEL_2003_10_06_2355

LABEL_2003_10_09_1515

LABEL_2003_10_09_2320

LABEL_2003_10_10_1200

LABEL_2003_10_14_2140

LABEL_2003_10_16_0200

LABEL_2003_10_20_0025

LABEL_2003_11_26_MKR

LABEL_2003_12_06_1550

LABEL_2004_01_21_2110

LABEL_2004_01_29_1030

LABEL_2004_02_11_2240

LABEL_2004_02_20_2310

LABEL_2004_02_24_0305

LABEL_2004_03_12_0130

LABEL_2004_03_14_2340

LABEL_2004_03_16_2330

LABEL_2004_03_25_1630

LABEL_2004_04_18_2135

LABEL_2004_04_23_2240

LABEL_2004_05_19_2335

LABEL_2004_05_29_1850

LABEL_2004_06_24_1800

LABEL_2004_07_01_1200

LABEL_2004_08_28_2355

LABEL_2004_08_29_0045

LABEL_2004_09_09_0000

LABEL_2004_10_12_0110

LABEL_2004_10_20_0020

LABEL_2004_11_17_2222

LABEL_2004_11_25_0035

LABEL_2004_12_18_2335

LABEL_2004_12_19_1100

LABEL_2004_12_19_2240

LABEL_2004_12_20_1220

LABEL_2005_01_31_2245

LABEL_2005_02_07_2045

LABEL_2005_02_08_1615

LABEL_2005_02_28_0050

LABEL_2005_03_06_0225

LABEL_2005_03_15_0125

LABEL_2005_04_05_1830

LABEL_2005_04_05_2345

LABEL_2005_04_14_0115

LABEL_2005_05_05_1920

LABEL_2005_05_09_1245

LABEL_2005_05_13_0050

LABEL_2005_07_04_0202

LABEL_2005_09_15_2320

LABEL_2006_04_18_1106

LABEL_2006_05_10_1800

LABEL_2006_05_19_1133

LABEL_2006_06_30_2020

U-Boot-0_2_0

U-Boot-0_3_0

U-Boot-0_3_1

U-Boot-0_4_0

U-Boot-0_4_1

U-Boot-0_4_2

U-Boot-0_4_3

U-Boot-0_4_4

U-Boot-0_4_5

U-Boot-0_4_6

U-Boot-0_4_7

U-Boot-0_4_8

U-Boot-1_0_0

U-Boot-1_0_1

U-Boot-1_0_2

U-Boot-1_1_0

U-Boot-1_1_1

U-Boot-1_1_2

U-Boot-1_1_3

U-Boot-1_1_4

U-Boot-1_1_6

U-Boot-1_2_0

v1.*

v1.3.1

v1.3.1-rc1

v1.3.2

v1.3.2-rc2

v1.3.2-rc3

v1.3.3

v1.3.3-rc1

v1.3.3-rc2

v1.3.3-rc3

v2008.*

v2008.10-rc2

v2009.*

v2009.01

v2009.01-rc1

v2009.01-rc2

v2009.01-rc3

v2009.03

v2009.03-rc1

v2009.03-rc2

v2009.06

v2009.06-rc1

v2009.06-rc2

v2009.06-rc3

v2009.08

v2009.08-rc1

v2009.08-rc2

v2009.08-rc3

v2009.11

v2009.11-rc1

v2009.11-rc2

v2010.*

v2010.03

v2010.03-rc1

v2010.03-rc2

v2010.03-rc3

v2010.06-rc1

v2010.06-rc2

v2010.09

v2010.09-rc1

v2010.12

v2010.12-rc1

v2010.12-rc2

v2010.12-rc3

v2011.*

v2011.03

v2011.03-rc1

v2011.03-rc2

v2011.06

v2011.06-rc1

v2011.06-rc2

v2011.06-rc3

v2011.09

v2011.09-rc1

v2011.09-rc2

v2011.12

v2011.12-rc1

v2011.12-rc2

v2011.12-rc3

v2012.*

v2012.04

v2012.04-rc1

v2012.04-rc2

v2012.04-rc3

v2012.04.01

v2012.07

v2012.07-rc1

v2012.07-rc2

v2012.07-rc3

v2012.10

v2012.10-rc1

v2012.10-rc2

v2012.10-rc3

v2013.*

v2013.01

v2013.01-rc1

v2013.01-rc2

v2013.01-rc3

v2013.04

v2013.04-rc1

v2013.04-rc2

v2013.04-rc3

v2013.07

v2013.07-rc1

v2013.07-rc2

v2013.07-rc3

v2013.10

v2013.10-rc1

v2013.10-rc2

v2013.10-rc3

v2013.10-rc4

v2014.*

v2014.01-rc1

v2014.04

v2014.07

v2014.07-rc1

v2014.07-rc2

v2014.07-rc3

v2014.07-rc4

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-3968.json"