CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS

medium
An attacker with physical access can exploit multiple vulnerabilities in DENX U-Boot to execute arbitrary code with the privileges of the service and trigger a denial-of-service condition.

CSIRTS triage

What
Multiple vulnerabilities in DENX U-Boot allow execution of arbitrary code and denial-of-service conditions.
Who is affected
Attackers with physical access to devices running DENX U-Boot.
Urgency
Remediation is medium urgency as exploitation requires physical access but could lead to significant impact.
Action
Update to the latest version of DENX U-Boot.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch U-Boot

Get an email when a new U-Boot advisory drops — max one per day, one-click unsubscribe.

Details

Source
CERT-Bund (BSI) Security Advisories (DE · national-cert · site)
Severity
medium
Published
2026-07-10
Exploitation
Not in CISA KEV at last sync
Language
Machine-translated to English — verify against the original

Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2276

More from CERT-Bund (BSI) Security Advisories