DEBIAN-CVE-2018-1000205

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2018-1000205

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-1000205.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2018-1000205

Upstream

CVE-2018-1000205

Published

2018-06-26T16:29:00Z

Modified

2025-09-18T05:17:58Z

Summary

[none]

Details

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.

References

https://security-tracker.debian.org/tracker/CVE-2018-1000205

Affected packages

Debian:11 / u-boot

Package

Name: u-boot
Purl: pkg:deb/debian/u-boot?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / u-boot

Package

Name: u-boot
Purl: pkg:deb/debian/u-boot?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / u-boot

Package

Name: u-boot
Purl: pkg:deb/debian/u-boot?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:14 / u-boot

Package

Name: u-boot
Purl: pkg:deb/debian/u-boot?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}