Home > Cyber News > U-boot Loader Contains Unpatched Critical Flaws (CVE-2022-30790)
CYBER NEWS

U-boot Loader Contains Unpatched Critical Flaws (CVE-2022-30790)

U-boot Loader Contains Unpatched Critical Flaws (CVE-2022-30790)

Two security vulnerabilities, CVE-2022-30790 and CVE-2022-30552, were discovered in U-boot, a popular boot loader for embedded systems.

The loader has many implementations for various architectures, and is present in most Linux-based embedded systems, including ChromeOS and Android. The two vulnerabilities reside in the IP Defragmentation algorithm.

It should be noted that the development of u-boot is “closely related to Linux”. According to the project’s GitHub page, some parts of its source code originate in the Linux source code tree, with some header files in common.




CVE-2022-30790 and CVE-2022-30552

The vulnerabilities could be leveraged in arbitrary out-of-bounds write attacks, as well as denial-of-service attack scenarios:

  • Technical Advisory – Hole Descriptor Overwrite in U-Boot IP Packet Defragmentation Leads to Arbitrary Out of Bounds Write Primitive (CVE-2022-30790);
  • Technical Advisory – Large buffer overflow leads to DoS in U-Boot IP Packet Defragmentation Code (CVE-2022-30552).

CVE-2022-30790 affects the U-Boot implementation of RFC815 IP DATAGRAM REASSEMBLY ALGORITHMS, which is susceptible to a Hole Descriptor overwrite attack which ultimately leads to an arbitrary write primitive.

CVE-2022-30552 could lead to a buffer overflow through a specially crafted fragmented IP Datagram with an invalid total length which causes a denial of service.

Both issues can be exploited only from the local network, which could then allow attackers to root the devices and perform a DoS attack via a malformed packet. Fixes will be made available soon, and users should update to the latest version as soon as possible. More information is available in the official advisory.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...