Overview

File _patchinfo of Package patchinfo.25181

<patchinfo incident="25181">
  <issue tracker="cve" id="2022-30552"/>
  <issue tracker="cve" id="2022-30790"/>
  <issue tracker="bnc" id="1200364">VUL-0: CVE-2022-30790: u-boot-rpi3,u-boot: Hole Descriptor Overwrite in IP Packet Defragmentation Leads to Arbitrary Out of Bounds Write Primitive</issue>
  <issue tracker="bnc" id="1200363">VUL-0: CVE-2022-30552: u-boot-rpi3,u-boot: Large buffer overflow leads to DoS in IP Packet Defragmentation Code</issue>
  <issue tracker="cve" id="2022-34835"/>
  <issue tracker="bnc" id="1201214">VUL-0: CVE-2022-34835: u-boot,u-boot-rpi3: integer overflow in do_i2c_md() may lead to arbitrary code execution</issue>
  <packager>mbrugger</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for u-boot</summary>
  <description>This update for u-boot fixes the following issues:

- CVE-2022-30790: Fixed an arbitrary out-of-bounds write in the IP defragmentation (bsc#1200364).
- CVE-2022-30552: Fixed an out-of-bounds write in the IP defragmentation (bsc#1200363).
- CVE-2022-34835: Fixed stack buffer overflow vulnerability in i2c md command (bsc#1201214).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places