Vulnerabilities > CVE-2017-3226 - Cryptographic Issues vulnerability in Denx U-Boot

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

denx

CWE-310

NVD

Published: 2018-07-24

Updated: 2019-10-09

Summary

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message.

Vulnerable Configurations

Part	Description	Count
Application	Denx Denx U Boot - Denx U Boot 0.2.0 Denx U Boot 0.2.3 Denx U Boot 0.3.0 Denx U Boot 0.3.1 Denx U Boot 0.4.0 Denx U Boot 0.4.1 Denx U Boot 0.4.2 Denx U Boot 0.4.3 Denx U Boot 0.4.4 Denx U Boot 0.4.5 Denx U Boot 0.4.6 Denx U Boot 0.4.7 Denx U Boot 0.4.8 Denx U Boot 1.0.0 Denx U Boot 1.0.1 Denx U Boot 1.0.2 Denx U Boot 1.1.0 Denx U Boot 1.1.1 Denx U Boot 1.1.2 Denx U Boot 1.1.3 Denx U Boot 1.1.4 Denx U Boot 1.1.5 Denx U Boot 1.1.6 Denx U Boot 1.2.0 Denx U Boot 1.3.0 Denx U Boot 1.3.1 Denx U Boot 1.3.3 Denx U Boot 1.3.4 Denx U Boot 2008.10 Denx U Boot 2009.01 Denx U Boot 2009.03 Denx U Boot 2009.06 Denx U Boot 2009.08 Denx U Boot 2009.11 Denx U Boot 2009.11.1 Denx U Boot 2010.03 Denx U Boot 2010.06 Denx U Boot 2010.09 Denx U Boot 2010.12 Denx U Boot 2011.03 Denx U Boot 2011.04.01 Denx U Boot 2011.06 Denx U Boot 2011.09 Denx U Boot 2011.12 Denx U Boot 2012.04 Denx U Boot 2012.04.01 Denx U Boot 2012.07 Denx U Boot 2012.10 Denx U Boot 2013.01 Denx U Boot 2013.01.01 Denx U Boot 2013.04 Denx U Boot 2013.07 Denx U Boot 2013.10 Denx U Boot 2014.01 Denx U Boot 2014.04 Denx U Boot 2014.07 Denx U Boot 2014.10 Denx U Boot 2015.01 Denx U Boot 2015.04 Denx U Boot 2015.07 Denx U Boot 2015.10 Denx U Boot 2016.01 Denx U Boot 2016.03 Denx U Boot 2016.05 Denx U Boot 2016.07 Denx U Boot 2016.09 Denx U Boot 2016.09.01 Denx U Boot 2016.11 Denx U Boot 2017.01 Denx U Boot 2017.03 Denx U Boot 2017.05 Denx U Boot 2017.07	230

Common Weakness Enumeration (CWE)

CWE-310 - Cryptographic Issues

Common Attack Pattern Enumeration and Classification (CAPEC)

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

References