pengutronix
Top products
Latest CVEs
The 14 most recently published vulnerabilities affecting pengutronix.
- CVE-2026-34963barebox EFI PE Loader Memory Safety Vulnerabilities8.4
- CVE-2026-34962barebox ext4 Directory Parsing Infinite Loop Denial of Service6.2
- CVE-2026-34961barebox ext4 Extent Parsing Out-of-Bounds Read6.2
- CVE-2026-34960barebox Out-of-Bounds Read in DHCP Option Parsing6.5
- CVE-2026-34155RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB5.3
- CVE-2026-33243barebox: FIT Signature Verification Bypass Vulnerability8.2
- CVE-2024-57261In barebox before 2025.01.0, request2size in common/dlmalloc.c has an integer overflow, a related issue to CVE-2024-57258.7.1
- CVE-2024-57262In barebox before 2025.01.0, ext4fs_read_symlink has an integer overflow for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a m...7.1
- CVE-2021-37848common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison.7.5
- CVE-2021-37847crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification.7.5
- CVE-2020-25860The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the ...6.6
- CVE-2020-13910Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds c...9.1
- CVE-2019-15937Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.9.8
- CVE-2019-15938Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_req in fs/nfs.c because a length field is directly used for a memcpy.9.8