Security update for u-boot SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:1869-1 Final 1 1 2020-11-07T09:56:06Z current 2020-11-07T09:56:06Z 2020-11-07T09:56:06Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for u-boot This update for u-boot fixes the following issues: - CVE-2020-8432: Fixed a double free in the cmd/gpt.c do_rename_gpt_parts() function, which allowed an attacker to execute arbitrary code (bsc#1162198) - CVE-2020-10648: Fixed improper signature verification during verified boot (bsc#1167209). This update was imported from the SUSE:SLE-15-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-1869 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZX3PJ3EQM5U46A2YMSVVXPTKP7U7SVZG/ E-Mail link for openSUSE-SU-2020:1869-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1162198 SUSE Bug 1162198 https://bugzilla.suse.com/1167209 SUSE Bug 1167209 https://www.suse.com/security/cve/CVE-2020-10648/ SUSE CVE CVE-2020-10648 page https://www.suse.com/security/cve/CVE-2020-8432/ SUSE CVE CVE-2020-8432 page openSUSE Leap 15.2 u-boot-tools-2020.01-lp152.9.9.1 u-boot-tools-2020.01-lp152.9.9.1 as a component of openSUSE Leap 15.2 Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default configuration. CVE-2020-10648 openSUSE Leap 15.2:u-boot-tools-2020.01-lp152.9.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZX3PJ3EQM5U46A2YMSVVXPTKP7U7SVZG/ https://www.suse.com/security/cve/CVE-2020-10648.html CVE-2020-10648 https://bugzilla.suse.com/1167209 SUSE Bug 1167209 In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis. CVE-2020-8432 openSUSE Leap 15.2:u-boot-tools-2020.01-lp152.9.9.1 important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZX3PJ3EQM5U46A2YMSVVXPTKP7U7SVZG/ https://www.suse.com/security/cve/CVE-2020-8432.html CVE-2020-8432 https://bugzilla.suse.com/1162198 SUSE Bug 1162198