Vulnerabilities > CVE-2019-14199 - Integer Underflow (Wrap or Wraparound) vulnerability in Denx U-Boot

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
denx
CWE-191

Summary

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.

Vulnerable Configurations

Part Description Count
Application
Denx
287

Common Weakness Enumeration (CWE)