Vulnerabilities > CVE-2019-13105 - Double Free vulnerability in Denx U-Boot 2019.07
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Common Weakness Enumeration (CWE)
References
- https://gist.github.com/deephooloovoo/d91b81a1674b4750e662dfae93804d75
- https://gist.github.com/deephooloovoo/d91b81a1674b4750e662dfae93804d75
- https://github.com/u-boot/u-boot/commits/master
- https://github.com/u-boot/u-boot/commits/master
- https://lists.denx.de/pipermail/u-boot/2019-July/375513.html
- https://lists.denx.de/pipermail/u-boot/2019-July/375513.html