Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2017-3226

Published: 24 July 2018

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message.

Notes

AuthorNote
mdeslaur
xenial doesn't build with ENV_AES, and later releases removed
the code completely

Priority

Negligible

Cvss 3 Severity Score

6.4

Score breakdown

Status

Package Release Status
u-boot
Launchpad, Ubuntu, Debian
impish Not vulnerable

jammy Not vulnerable

xenial Needed

bionic Not vulnerable

focal Not vulnerable

groovy Not vulnerable

kinetic Not vulnerable

lunar Not vulnerable

artful Ignored
(end of life)
cosmic Ignored
(end of life)
disco Ignored
(end of life)
eoan Ignored
(end of life)
hirsute Not vulnerable

trusty Does not exist
(trusty was not-affected [code not present])
upstream Needs triage

zesty Ignored
(end of life)
mantic Not vulnerable

Patches:
upstream: https://github.com/u-boot/u-boot/commit/c6831c74a9e9dbedc351de94d23d35188ae1a39b

Severity score breakdown

Parameter Value
Base score 6.4
Attack vector Physical
Attack complexity High
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H