CVE-2019-14195

Priority
Description
An issue was discovered in Das U-Boot through 2019.07. There is an
unbounded memcpy with unvalidated length at nfs_readlink_reply in the
"else" block after calculating the new path length.
Notes
Package
Upstream:released (2020.01+dfsg-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 20.04 LTS (Focal Fossa):needed
Ubuntu 20.10 (Groovy Gorilla):not-affected (2020.04+dfsg-2ubuntu1)
Patches:
Upstream:https://gitlab.denx.de/u-boot/u-boot/commit/cf3a4f1e86ecdd24f87b615051b49d8e1968c230
More Information

Updated: 2020-09-29 18:24:13 UTC (commit 4ef060a5e1b87739b14601e0382b934fa18e8f65)