[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS
An attacker with physical access can exploit multiple vulnerabilities in DENX U-Boot to execute arbitrary code with the privileges of the service and trigger a denial-of-service condition.
CSIRTS triage
- What
- Multiple vulnerabilities in DENX U-Boot allow execution of arbitrary code and denial-of-service conditions.
- Who is affected
- Attackers with physical access to devices running DENX U-Boot.
- Urgency
- Remediation is medium urgency as exploitation requires physical access but could lead to significant impact.
- Action
- Update to the latest version of DENX U-Boot.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch U-Boot
Get an email when a new U-Boot advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2276
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] Samsung Android: Multiple vulnerabilities2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- high[UPDATE] [high] Linux Kernel: Multiple vulnerabilities2026-07-10