CVE-2022-33103

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-33103

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-33103.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-33103

Downstream

DEBIAN-CVE-2022-33103

DLA-4150-1

OESA-2025-1574

OESA-2025-1575

SUSE-SU-2022:2868-1

SUSE-SU-2022:2869-1

UBUNTU-CVE-2022-33103

USN-5764-1

Related

Published

2022-07-01T12:15:08Z

Modified

2025-10-16T05:25:09.127020Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

References

Affected packages

Git / github.com/u-boot/u-boot

Affected ranges

Type: GIT
Repo: https://github.com/u-boot/u-boot
Events: Introduced

050acee119b3757fee3bd128f55d720fdd9bb890

Fixed

e092e3250270a1016c877da7bdd9384f14b1321e

Affected versions

v2020.*

v2020.10

v2021.*

v2021.01

v2021.01-rc1

v2021.01-rc2

v2021.01-rc3

v2021.01-rc4

v2021.01-rc5

v2021.04

v2021.04-rc1

v2021.04-rc2

v2021.04-rc3

v2021.04-rc4

v2021.04-rc5

v2021.07

v2021.07-rc1

v2021.07-rc2

v2021.07-rc3

v2021.07-rc4

v2021.07-rc5

v2021.10

v2021.10-rc1

v2021.10-rc2

v2021.10-rc3

v2021.10-rc4

v2021.10-rc5

v2022.*

v2022.01

v2022.01-rc1

v2022.01-rc2

v2022.01-rc3

v2022.01-rc4

v2022.04

v2022.04-rc1

v2022.04-rc2

v2022.04-rc3

v2022.04-rc4

v2022.04-rc5

v2022.07-rc1

v2022.07-rc2

v2022.07-rc3

v2022.07-rc4

v2022.07-rc5

v2022.07-rc6