CVE-2022-34835

moderate-risk
Published 2022-06-30

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.

Do I need to act?

-
0.31% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (6)

Affected Vendors

Denx

References (7)

Exploit https://github.com/u-boot/u-boot/commit/8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409
Exploit https://lists.denx.de/pipermail/u-boot/2022-June/486113.html
Patch https://source.denx.de/u-boot/u-boot/-/commit/8f8c04bf1ebbd2f72f1643e7ad9617dafa...
Exploit https://github.com/u-boot/u-boot/commit/8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409
https://lists.debian.org/debian-lts-announce/2025/05/msg00001.html
Exploit https://lists.denx.de/pipermail/u-boot/2022-June/486113.html
Patch https://source.denx.de/u-boot/u-boot/-/commit/8f8c04bf1ebbd2f72f1643e7ad9617dafa...
46
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 1/34 · Minimal
Exposure 13/34 · Low