UBUNTU-CVE-2024-42040
- Source
- https://ubuntu.com/security/CVE-2024-42040
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-42040.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-42040
- Upstream
- Published
- 2024-08-23T15:15:00Z
- Modified
- 2025-09-08T17:02:11Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses.
- References
Affected packages
Ubuntu:22.04:LTS
u-boot
Package
- Name
- u-boot
- Purl
- pkg:deb/ubuntu/u-boot@2022.01+dfsg-2ubuntu2.6?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2021.*
2021.07+dfsg-0ubuntu8
2021.07+dfsg-0ubuntu9
2021.07+dfsg-0ubuntu10
2022.*
2022.01+dfsg-2ubuntu1
2022.01+dfsg-2ubuntu2
2022.01+dfsg-2ubuntu2.1
2022.01+dfsg-2ubuntu2.3
2022.01+dfsg-2ubuntu2.4
2022.01+dfsg-2ubuntu2.5
2022.01+dfsg-2ubuntu2.6
Ecosystem specific
{
"binaries": [
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-amlogic"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-exynos"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-imx"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-microchip"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-mvebu"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-omap"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-qcom"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-qemu"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-rockchip"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-rpi"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-sifive"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-sunxi"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-tegra"
},
{
"binary_version": "2022.01+dfsg-2ubuntu2.6",
"binary_name": "u-boot-tools"
}
]
}u-boot-nezha
Package
- Name
- u-boot-nezha
- Purl
- pkg:deb/ubuntu/u-boot-nezha@2022.04+git20220405.7446a472-0ubuntu0.4?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS
u-boot
Package
- Name
- u-boot
- Purl
- pkg:deb/ubuntu/u-boot@2025.01-0ubuntu0.24.04.2?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2023.*
2023.07+dfsg-1ubuntu2
2024.*
2024.01+dfsg-1ubuntu1
2024.01+dfsg-1ubuntu2
2024.01+dfsg-1ubuntu3
2024.01+dfsg-1ubuntu4
2024.01+dfsg-1ubuntu5
2024.01+dfsg-1ubuntu5.1
2024.01+dfsg-1ubuntu5.2
2025.*
2025.01-0ubuntu0.24.04.1
2025.01-0ubuntu0.24.04.2
Ecosystem specific
{
"binaries": [
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-amlogic"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-amlogic-binaries"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-asahi"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-exynos"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-exynos-binaries"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-imx"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-microchip"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-mvebu"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-omap"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-qcom"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-qemu"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-rockchip"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-rpi"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-sifive"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-sitara-binaries"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-starfive"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-stm32"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-sunxi"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-tegra"
},
{
"binary_version": "2025.01-0ubuntu0.24.04.2",
"binary_name": "u-boot-tools"
}
]
}u-boot-nezha
Package
- Name
- u-boot-nezha
- Purl
- pkg:deb/ubuntu/u-boot-nezha@2024.01~rc1-190-g2e89b706f5-0ubuntu2?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:25.04
u-boot
Package
- Name
- u-boot
- Purl
- pkg:deb/ubuntu/u-boot@2025.01-1~0ubuntu2.1?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2024.*
2024.01+dfsg-5ubuntu2
2024.01+dfsg-5ubuntu3
2025.*
2025.01-1~0ubuntu1
2025.01-1~0ubuntu2
2025.01-1~0ubuntu2.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-amlogic"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-amlogic-binaries"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-asahi"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-exynos"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-exynos-binaries"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-imx"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-microchip"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-mvebu"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-omap"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-qcom"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-qemu"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-rockchip"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-rpi"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-sifive"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-sitara-binaries"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-starfive"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-stm32"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-sunxi"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-tegra"
},
{
"binary_version": "2025.01-1~0ubuntu2.1",
"binary_name": "u-boot-tools"
}
]
}u-boot-nezha
Ubuntu:Pro:16.04:LTS
u-boot
Package
- Name
- u-boot
- Purl
- pkg:deb/ubuntu/u-boot@2016.01+dfsg1-2ubuntu5?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2015.*
2015.04+dfsg1-2ubuntu1
2015.10+dfsg1-2
2015.10+dfsg1-3
2015.10+dfsg1-4
2016.*
2016.01+dfsg1-1
2016.01+dfsg1-1ubuntu1
2016.01+dfsg1-2ubuntu1
2016.01+dfsg1-2ubuntu2
2016.01+dfsg1-2ubuntu3
2016.01+dfsg1-2ubuntu5
Ecosystem specific
{
"binaries": [
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-exynos"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-imx"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-omap"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-rockchip"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-rpi"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-sunxi"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-tegra"
},
{
"binary_version": "2016.01+dfsg1-2ubuntu5",
"binary_name": "u-boot-tools"
}
]
}Ubuntu:Pro:18.04:LTS
u-boot
Package
- Name
- u-boot
- Purl
- pkg:deb/ubuntu/u-boot@2020.10+dfsg-1ubuntu0~18.04.3?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2016.*
2016.03+dfsg1-6ubuntu2
2018.*
2018.07~rc3+dfsg1-0ubuntu1~18.04.1
2018.07~rc3+dfsg1-0ubuntu2~18.04.1
2018.07~rc3+dfsg1-0ubuntu3~18.04.1
2019.*
2019.07+dfsg-1ubuntu4~18.04.1
2020.*
2020.10+dfsg-1ubuntu0~18.04.2
2020.10+dfsg-1ubuntu0~18.04.3
Ecosystem specific
{
"binaries": [
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-amlogic"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-exynos"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-imx"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-mvebu"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-omap"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-qcom"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-qemu"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-rockchip"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-rpi"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-sunxi"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-tegra"
},
{
"binary_version": "2020.10+dfsg-1ubuntu0~18.04.3",
"binary_name": "u-boot-tools"
}
]
}Ubuntu:Pro:20.04:LTS
u-boot
Package
- Name
- u-boot
- Purl
- pkg:deb/ubuntu/u-boot@2021.01+dfsg-3ubuntu0~20.04.6?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2019.*
2019.07+dfsg-1ubuntu3
2019.07+dfsg-1ubuntu5
2019.07+dfsg-1ubuntu6
2020.*
2020.10+dfsg-1ubuntu0~20.04.2
2021.*
2021.01+dfsg-3ubuntu0~20.04.1
2021.01+dfsg-3ubuntu0~20.04.3
2021.01+dfsg-3ubuntu0~20.04.4
2021.01+dfsg-3ubuntu0~20.04.5
2021.01+dfsg-3ubuntu0~20.04.6
Ecosystem specific
{
"binaries": [
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-amlogic"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-exynos"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-imx"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-mvebu"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-omap"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-qcom"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-qemu"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-rockchip"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-rpi"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-sifive"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-sunxi"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-tegra"
},
{
"binary_version": "2021.01+dfsg-3ubuntu0~20.04.6",
"binary_name": "u-boot-tools"
}
]
}