Bugzilla – Bug 1201745
VUL-0: CVE-2022-33967: u-boot-rpi3,u-boot: Heap overflow in squashfs filesystem implementation
Last modified: 2022-12-20 11:16:33 UTC
CVE-2022-33967 squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33967 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33967 http://www.cvedetails.com/cve/CVE-2022-33967/ https://source.denx.de/u-boot/u-boot/-/commit/7f7fb9937c6cb49dd35153bd6708872b390b0a44 https://lists.denx.de/pipermail/u-boot/2022-June/487467.html https://www.denx.de/project/u-boot/ https://jvn.jp/en/vu/JVNVU97846460/index.html
Affected: - SUSE:SLE-15-SP3:Update/u-boot 2021.01 - SUSE:SLE-15-SP4:Update/u-boot 2021.10 Not Affected (squashfs not introduced yet): - SUSE:SLE-12-SP4:Update/u-boot 2018.03 - SUSE:SLE-12-SP4:Update/u-boot-rpi3 2018.03 - SUSE:SLE-15:Update/u-boot 2018.03 - SUSE:SLE-15:Update/u-boot-rpi3 2018.03 - SUSE:SLE-15-SP1:Update/u-boot 2019.01 - SUSE:SLE-15-SP1:Update/u-boot-rpi3 2019.01 - SUSE:SLE-12-SP5:Update/u-boot 2019.01 - SUSE:SLE-12-SP5:Update/u-boot-rpi3 2019.01 - SUSE:SLE-15-SP2:Update/u-boot 2020.01 Not Affected (already contains fix): - openSUSE:Factory/u-boot 2022.07
SUSE-SU-2022:2653-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1201214,1201745 CVE References: CVE-2022-33967,CVE-2022-34835 JIRA References: Sources used: openSUSE Leap 15.3 (src): u-boot-2021.01-150300.7.15.1, u-boot-avnetultra96rev1-2021.01-150300.7.15.1, u-boot-bananapim64-2021.01-150300.7.15.1, u-boot-dragonboard410c-2021.01-150300.7.15.1, u-boot-dragonboard820c-2021.01-150300.7.15.1, u-boot-evb-rk3399-2021.01-150300.7.15.1, u-boot-firefly-rk3399-2021.01-150300.7.15.1, u-boot-geekbox-2021.01-150300.7.15.1, u-boot-hikey-2021.01-150300.7.15.1, u-boot-khadas-vim-2021.01-150300.7.15.1, u-boot-khadas-vim2-2021.01-150300.7.15.1, u-boot-libretech-ac-2021.01-150300.7.15.1, u-boot-libretech-cc-2021.01-150300.7.15.1, u-boot-ls1012afrdmqspi-2021.01-150300.7.15.1, u-boot-mvebudb-88f3720-2021.01-150300.7.15.1, u-boot-mvebudbarmada8k-2021.01-150300.7.15.1, u-boot-mvebuespressobin-88f3720-2021.01-150300.7.15.1, u-boot-mvebumcbin-88f8040-2021.01-150300.7.15.1, u-boot-nanopia64-2021.01-150300.7.15.1, u-boot-odroid-c2-2021.01-150300.7.15.1, u-boot-odroid-c4-2021.01-150300.7.15.1, u-boot-odroid-n2-2021.01-150300.7.15.1, u-boot-orangepipc2-2021.01-150300.7.15.1, u-boot-p2371-2180-2021.01-150300.7.15.1, u-boot-p2771-0000-500-2021.01-150300.7.15.1, u-boot-p3450-0000-2021.01-150300.7.15.1, u-boot-pine64plus-2021.01-150300.7.15.1, u-boot-pinebook-2021.01-150300.7.15.1, u-boot-pinebook-pro-rk3399-2021.01-150300.7.15.1, u-boot-pineh64-2021.01-150300.7.15.1, u-boot-pinephone-2021.01-150300.7.15.1, u-boot-poplar-2021.01-150300.7.15.1, u-boot-rock-pi-4-rk3399-2021.01-150300.7.15.1, u-boot-rock64-rk3328-2021.01-150300.7.15.1, u-boot-rock960-rk3399-2021.01-150300.7.15.1, u-boot-rockpro64-rk3399-2021.01-150300.7.15.1, u-boot-rpi3-2021.01-150300.7.15.1, u-boot-rpi4-2021.01-150300.7.15.1, u-boot-rpiarm64-2021.01-150300.7.15.1, u-boot-xilinxzynqmpvirt-2021.01-150300.7.15.1, u-boot-xilinxzynqmpzcu102rev10-2021.01-150300.7.15.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): u-boot-2021.01-150300.7.15.1, u-boot-rpiarm64-2021.01-150300.7.15.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:2661-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1201214,1201745 CVE References: CVE-2022-33967,CVE-2022-34835 JIRA References: Sources used: openSUSE Leap 15.4 (src): u-boot-2021.10-150400.4.8.1, u-boot-avnetultra96rev1-2021.10-150400.4.8.1, u-boot-bananapim64-2021.10-150400.4.8.1, u-boot-dragonboard410c-2021.10-150400.4.8.1, u-boot-dragonboard820c-2021.10-150400.4.8.1, u-boot-evb-rk3399-2021.10-150400.4.8.1, u-boot-firefly-rk3399-2021.10-150400.4.8.1, u-boot-geekbox-2021.10-150400.4.8.1, u-boot-hikey-2021.10-150400.4.8.1, u-boot-khadas-vim-2021.10-150400.4.8.1, u-boot-khadas-vim2-2021.10-150400.4.8.1, u-boot-libretech-ac-2021.10-150400.4.8.1, u-boot-libretech-cc-2021.10-150400.4.8.1, u-boot-ls1012afrdmqspi-2021.10-150400.4.8.1, u-boot-mvebudb-88f3720-2021.10-150400.4.8.1, u-boot-mvebudbarmada8k-2021.10-150400.4.8.1, u-boot-mvebuespressobin-88f3720-2021.10-150400.4.8.1, u-boot-mvebumcbin-88f8040-2021.10-150400.4.8.1, u-boot-nanopia64-2021.10-150400.4.8.1, u-boot-odroid-c2-2021.10-150400.4.8.1, u-boot-odroid-c4-2021.10-150400.4.8.1, u-boot-odroid-n2-2021.10-150400.4.8.1, u-boot-orangepipc2-2021.10-150400.4.8.1, u-boot-p2371-2180-2021.10-150400.4.8.1, u-boot-p2771-0000-500-2021.10-150400.4.8.1, u-boot-p3450-0000-2021.10-150400.4.8.1, u-boot-pine64plus-2021.10-150400.4.8.1, u-boot-pinebook-2021.10-150400.4.8.1, u-boot-pinebook-pro-rk3399-2021.10-150400.4.8.1, u-boot-pineh64-2021.10-150400.4.8.1, u-boot-pinephone-2021.10-150400.4.8.1, u-boot-poplar-2021.10-150400.4.8.1, u-boot-rock-pi-4-rk3399-2021.10-150400.4.8.1, u-boot-rock-pi-n10-rk3399pro-2021.10-150400.4.8.1, u-boot-rock64-rk3328-2021.10-150400.4.8.1, u-boot-rock960-rk3399-2021.10-150400.4.8.1, u-boot-rockpro64-rk3399-2021.10-150400.4.8.1, u-boot-rpi3-2021.10-150400.4.8.1, u-boot-rpi4-2021.10-150400.4.8.1, u-boot-rpiarm64-2021.10-150400.4.8.1, u-boot-xilinxzynqmpvirt-2021.10-150400.4.8.1, u-boot-xilinxzynqmpzcu102rev10-2021.10-150400.4.8.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): u-boot-2021.10-150400.4.8.1, u-boot-rpiarm64-2021.10-150400.4.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done