CVE-2022-30552

Published: Jun 8, 2022Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Das U-Boot 2022.01 has a Buffer Overflow.

Affected (1)

Products: Denx: U Boot

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Denx U Boot	Version 2022.01

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

https://github.com/u-boot/u-boot/tags

Source: cve@mitre.org

Release NotesThird Party Advisory

https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/

Source: cve@mitre.org

Third Party Advisory

https://github.com/u-boot/u-boot/tags

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://lists.debian.org/debian-lts-announce/2025/05/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://cert-portal.siemens.com/productcert/html/ssa-577017.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.