CVE-2024-42040

Published: Aug 23, 2024

Modified: Nov 20, 2024

PUBLISHED

Description

Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/u-boot/u-boot/tags

https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2024-004.txt

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-42040

Description

Affected Products

References