Home > Vulnerability Database > CVE-2022-2347

Mend.io Vulnerability Database

CVE-2022-2347

Date: September 23, 2022

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download setup packet with a `wLength` greater than 4096 bytes, they can write beyond the heap-allocated request buffer.

Severity Score

7.7

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-2347

Url: https://seclists.org/oss-sec/2022/q3/41

Url: https://www.mend.io/vulnerability-database/CVE-2022-2347

Severity Score

7.7

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

Heap-based Buffer Overflow

CWE-122

CVSS v3.1

Base Score:	7.7
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-2347

Date: September 23, 2022

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?