Allele Security Alert
ASA-2019-00487
Identifier(s)
ASA-2019-00487, CVE-2019-14200
Title
Stack-based buffer overflow in the nfs_handler reply helper function: rpc_lookup_reply()
Vendor(s)
DENX Software Engineering
Product(s)
Das U-Boot
Affected version(s)
Unknown
Fixed version(s)
Unknown
Proof of concept
Unknown
Description
There is a stack-based buffer overflow in the nfs_handler reply helper function: rpc_lookup_reply().
Technical details
Unknown
Credits
Fermín Serna, Pavel Avgustinov and Kevin Backhouse
Reference(s)
U-Boot RCE Vulnerabilities Affecting IoT Devices
https://blog.semmle.com/uboot-remote-code-execution-vulnerability/
U-Boot NFS RCE Vulnerabilities (CVE-2019-14192)
https://blog.semmle.com/uboot-rce-nfs-vulnerability/
[U-Boot] Remote code execution vulnerabilities in U-Boot’s NFS and other IP parsing code
https://lists.denx.de/pipermail/u-boot/2019-July/378001.html
CVE-2019-14200
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14200
CVE-2019-14200
https://nvd.nist.gov/vuln/detail/CVE-2019-14200
Last modified: August 9, 2019