Vulnerability Name: | CVE-2017-3226 (CCN-131634) | ||||||||||||||||||||||||||||||||||||||||
Assigned: | 2016-12-05 | ||||||||||||||||||||||||||||||||||||||||
Published: | 2017-09-08 | ||||||||||||||||||||||||||||||||||||||||
Updated: | 2019-10-09 | ||||||||||||||||||||||||||||||||||||||||
Summary: | Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message. | ||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 6.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) 5.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
4.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:R)
| ||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-310 | ||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2017-3226 Source: CCN Type: US-CERT VU#166743 Das U-Boot AES-CBC encryption implementation contains multiple vulnerabilities Source: BID Type: Third Party Advisory, VDB Entry 100675 Source: CCN Type: BID-100675 Das U-Boot Security Weakness and Information Disclosure Vulnerabilities Source: XF Type: UNKNOWN denx-dasuboat-cve20173226-info-disc(131634) Source: CCN Type: DENX Web site Das U-Boot the Universal Boot Loader Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#166743 Source: CCN Type: WhiteSource Vulnerability Database CVE-2017-3226 | ||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
BACK |