CVE-2020-11683
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-11683
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11683.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-11683
- Published
- 2020-09-14T14:15:10Z
- Modified
- 2025-07-01T23:50:07.063221Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by attackers with physical access to forge CMAC values and subsequently boot arbitrary code on an affected system.
- References
Affected packages
Git / github.com/linux4sam/at91bootstrap
Affected ranges
- Type
- GIT
- Repo
- https://github.com/linux4sam/at91bootstrap
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
5series_1.*
5series_1.0
5series_1.1
5series_1.2
5series_1.3
Android4sam_v4.*
Android4sam_v4.0
Android4sam_v4.1
Android4sam_v4.2
Android4sam_v4.3
Android4sam_v4.4
Android4sam_v4.4_rc1
Android4sam_v4.4_rc2
linux4sam_5.*
linux4sam_5.6-rc1
v3.*
v3.5.1
v3.5.2
v3.5.3
v3.5.4
v3.6.0
v3.6.1
v3.6.2
v3.7
v3.7.1
v3.7.2
v3.7.2-rc2
v3.8
v3.8-alpha1
v3.8-alpha2
v3.8-alpha3
v3.8-alpha4
v3.8-alpha5
v3.8-alpha6
v3.8-alpha7
v3.8-beta1
v3.8.1
v3.8.10
v3.8.10-rc1
v3.8.11
v3.8.11-rc1
v3.8.11-rc2
v3.8.11-rc3
v3.8.11-rc4
v3.8.12
v3.8.13
v3.8.13-rc1
v3.8.13-rc2
v3.8.13-rc3
v3.8.13-rc4
v3.8.13-rc5
v3.8.2
v3.8.3
v3.8.4
v3.8.5
v3.8.6
v3.8.7
v3.8.8
v3.8.8-rc2
v3.8.8-rc3
v3.8.9
v3.8.9-rc1
v3.8.9-rc2
v3.8.9-rc3
v3.8.9-rc4
v3.8.9-rc6
v3.8.9-rc7
v3.9.0
v3.9.0-rc1
v3.9.0-rc2
v3.9.0-rc3
v3.9.0-rc4
v3.9.0-rc5
v3.9.1
v3.9.1-rc1