Multiple vulnerabilities have been found in Das U-Boot, a universal bootloader commonly used in embedded devices like Amazon Kindles, ARM Chromebooks and networking hardware. The bugs could allow attackers to gain full control of an impacted device’s CPU and modify anything they choose. Researchers at ForAllSecure found the flaws in U-Boot’s file system drivers. They include a recursive stack overflow in the DOS partition parser, a pair of buffer-overflows in ext4 and a double-free memory corruption flaw in ext4. They open the door to denial-of-service attacks, device takeover and code-execution. There are both local and remote paths to exploitation for these flaws. If a vulnerable device is configured to boot from external media, such as an SD card or USB drive, attackers with physical access could subvert the normal boot process of the device and control the loading of the operating system, giving them substantial control over the device. If the device is configured to network boot, remote attackers could use an initial method to compromise the corporate or Wi-Fi network that a target device is attached to (including social-engineering malware onto a victim’s endpoint or exploiting known vulnerabilities), and from there attacking the U-Boot device from that local network location. “The most obvious route for exploitation requires physical access, and could either cause denial of service (possible device bricking) or could subvert the boot process for a device or possibly…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2019-11-07 12:31:002019-11-07 12:31:00Amazon Kindle, Embedded Devices Open to Code-Execution
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com