Overview

File _patchinfo of Package patchinfo.24415

<patchinfo incident="24415">
  <issue tracker="cve" id="2022-30552"/>
  <issue tracker="cve" id="2022-30767"/>
  <issue tracker="cve" id="2022-30790"/>
  <issue tracker="bnc" id="1200363">VUL-0: CVE-2022-30552: u-boot-rpi3,u-boot: Large buffer overflow leads to DoS in IP Packet Defragmentation Code</issue>
  <issue tracker="bnc" id="1199623">VUL-0: CVE-2022-30767: u-boot-rpi3,u-boot: buffer overflow in u-boot due to incorrect fix for CVE-2019-14196</issue>
  <issue tracker="bnc" id="1200364">VUL-0: CVE-2022-30790: u-boot-rpi3,u-boot: Hole Descriptor Overwrite in IP Packet Defragmentation Leads to Arbitrary Out of Bounds Write Primitive</issue><packager>mbrugger</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for u-boot</summary>
  <description>This update for u-boot fixes the following issues:

- CVE-2022-30552: A large buffer overflow could have lead to a denial of service in the IP Packet deframentation code.
(bsc#1200363)
- CVE-2022-30790: A Hole Descriptor Overwrite could have lead to an arbitrary out of bounds write primitive.
(bsc#1200364)
- CVE-2022-30767: Fixed an unbounded memcpy with a failed length check leading to a buffer overflow (bsc#1199623).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places