Vulnerabilities > CVE-2019-15937 - Out-of-bounds Write vulnerability in Pengutronix Barebox

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
pengutronix
CWE-787
critical
NVD
Published: 2019-09-05
Updated: 2020-08-24

Summary

Pengutronix barebox through 2019.08.1 has a remote buffer overflow in nfs_readlink_reply in net/nfs.c because a length field is directly used for a memcpy.

Vulnerable Configurations

Part Description Count
Application
Pengutronix
130

Common Weakness Enumeration (CWE)

References