Bugzilla – Bug 1201213
VUL-0: CVE-2022-33103: u-boot,u-boot-rpi3: out-of-bounds write in sqfs_readdir() may lead to arbitrary code execution
Last modified: 2023-03-02 15:25:34 UTC
CVE-2022-33103: Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

References:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33103
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33103
- https://lore.kernel.org/all/20220609140206.297405-1-miquel.raynal@bootlin.com/
- https://lore.kernel.org/all/CALO=DHFB+yBoXxVr5KcsK0iFdg+e7ywko4-e+72kjbcS8JBfPw@mail.gmail.com/
squashfs support is only present in:
- SUSE:SLE-15-SP3:Update/u-boot
- SUSE:SLE-15-SP4:Update/u-boot
- openSUSE:Factory/u-boot
Factory is at 2022.07 which already includes the fix. Reassigning back to the security team.
SUSE-SU-2022:2869-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1201213
CVE References: CVE-2022-33103
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): u-boot-2021.10-150400.4.11.1, u-boot-avnetultra96rev1-2021.10-150400.4.11.1, u-boot-bananapim64-2021.10-150400.4.11.1, u-boot-dragonboard410c-2021.10-150400.4.11.1, u-boot-dragonboard820c-2021.10-150400.4.11.1, u-boot-evb-rk3399-2021.10-150400.4.11.1, u-boot-firefly-rk3399-2021.10-150400.4.11.1, u-boot-geekbox-2021.10-150400.4.11.1, u-boot-hikey-2021.10-150400.4.11.1, u-boot-khadas-vim-2021.10-150400.4.11.1, u-boot-khadas-vim2-2021.10-150400.4.11.1, u-boot-libretech-ac-2021.10-150400.4.11.1, u-boot-libretech-cc-2021.10-150400.4.11.1, u-boot-ls1012afrdmqspi-2021.10-150400.4.11.1, u-boot-mvebudb-88f3720-2021.10-150400.4.11.1, u-boot-mvebudbarmada8k-2021.10-150400.4.11.1, u-boot-mvebuespressobin-88f3720-2021.10-150400.4.11.1, u-boot-mvebumcbin-88f8040-2021.10-150400.4.11.1, u-boot-nanopia64-2021.10-150400.4.11.1, u-boot-odroid-c2-2021.10-150400.4.11.1, u-boot-odroid-c4-2021.10-150400.4.11.1, u-boot-odroid-n2-2021.10-150400.4.11.1, u-boot-orangepipc2-2021.10-150400.4.11.1, u-boot-p2371-2180-2021.10-150400.4.11.1, u-boot-p2771-0000-500-2021.10-150400.4.11.1, u-boot-p3450-0000-2021.10-150400.4.11.1, u-boot-pine64plus-2021.10-150400.4.11.1, u-boot-pinebook-2021.10-150400.4.11.1, u-boot-pinebook-pro-rk3399-2021.10-150400.4.11.1, u-boot-pineh64-2021.10-150400.4.11.1, u-boot-pinephone-2021.10-150400.4.11.1, u-boot-poplar-2021.10-150400.4.11.1, u-boot-rock-pi-4-rk3399-2021.10-150400.4.11.1, u-boot-rock-pi-n10-rk3399pro-2021.10-150400.4.11.1, u-boot-rock64-rk3328-2021.10-150400.4.11.1, u-boot-rock960-rk3399-2021.10-150400.4.11.1, u-boot-rockpro64-rk3399-2021.10-150400.4.11.1, u-boot-rpi3-2021.10-150400.4.11.1, u-boot-rpi4-2021.10-150400.4.11.1, u-boot-rpiarm64-2021.10-150400.4.11.1, u-boot-xilinxzynqmpvirt-2021.10-150400.4.11.1, u-boot-xilinxzynqmpzcu102rev10-2021.10-150400.4.11.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): u-boot-2021.10-150400.4.11.1, u-boot-rpiarm64-2021.10-150400.4.11.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2868-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 1201213
CVE References: CVE-2022-33103
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): u-boot-2021.01-150300.7.18.1, u-boot-avnetultra96rev1-2021.01-150300.7.18.1, u-boot-bananapim64-2021.01-150300.7.18.1, u-boot-dragonboard410c-2021.01-150300.7.18.1, u-boot-dragonboard820c-2021.01-150300.7.18.1, u-boot-evb-rk3399-2021.01-150300.7.18.1, u-boot-firefly-rk3399-2021.01-150300.7.18.1, u-boot-geekbox-2021.01-150300.7.18.1, u-boot-hikey-2021.01-150300.7.18.1, u-boot-khadas-vim-2021.01-150300.7.18.1, u-boot-khadas-vim2-2021.01-150300.7.18.1, u-boot-libretech-ac-2021.01-150300.7.18.1, u-boot-libretech-cc-2021.01-150300.7.18.1, u-boot-ls1012afrdmqspi-2021.01-150300.7.18.1, u-boot-mvebudb-88f3720-2021.01-150300.7.18.1, u-boot-mvebudbarmada8k-2021.01-150300.7.18.1, u-boot-mvebuespressobin-88f3720-2021.01-150300.7.18.1, u-boot-mvebumcbin-88f8040-2021.01-150300.7.18.1, u-boot-nanopia64-2021.01-150300.7.18.1, u-boot-odroid-c2-2021.01-150300.7.18.1, u-boot-odroid-c4-2021.01-150300.7.18.1, u-boot-odroid-n2-2021.01-150300.7.18.1, u-boot-orangepipc2-2021.01-150300.7.18.1, u-boot-p2371-2180-2021.01-150300.7.18.1, u-boot-p2771-0000-500-2021.01-150300.7.18.1, u-boot-p3450-0000-2021.01-150300.7.18.1, u-boot-pine64plus-2021.01-150300.7.18.1, u-boot-pinebook-2021.01-150300.7.18.1, u-boot-pinebook-pro-rk3399-2021.01-150300.7.18.1, u-boot-pineh64-2021.01-150300.7.18.1, u-boot-pinephone-2021.01-150300.7.18.1, u-boot-poplar-2021.01-150300.7.18.1, u-boot-rock-pi-4-rk3399-2021.01-150300.7.18.1, u-boot-rock64-rk3328-2021.01-150300.7.18.1, u-boot-rock960-rk3399-2021.01-150300.7.18.1, u-boot-rockpro64-rk3399-2021.01-150300.7.18.1, u-boot-rpi3-2021.01-150300.7.18.1, u-boot-rpi4-2021.01-150300.7.18.1, u-boot-rpiarm64-2021.01-150300.7.18.1, u-boot-xilinxzynqmpvirt-2021.01-150300.7.18.1, u-boot-xilinxzynqmpzcu102rev10-2021.01-150300.7.18.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): u-boot-2021.01-150300.7.18.1, u-boot-rpiarm64-2021.01-150300.7.18.1
Released, closing.