GHSA-57ww-qgjv-3g3c · Severity: high — There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the...
There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download setup packet with a `wLength` greater than 4096 bytes, they can write beyond the heap-allocated request buffer.
Conclusion & alert: CVE-2022-2347 is rated High Exploit Risk (61.4/100): CVSS High severity, with low exploitation likelihood (EPSS 0.58%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.05% | 0.58% | +0.53% |
| 2 | 2026-06-09 | 0.03% | 0.05% | +0.02% |
| 3 | 2025-11-21 | — | 0.03% | — |
Full EPSS history (9 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.7 | 3.1 | HIGH |
|
1.0 | 6.0 | [email protected] |
| 7.1 | 3.1 | HIGH |
|
0.5 | 6.0 | [email protected] |
GHSA-57ww-qgjv-3g3c · Severity: high — There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2022-2347 not yet assigned priority: Debian including 1 source packages (u-boot), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. | https://security-tracker.debian.org/tracker/CVE-2022-2347 |
suse
|
medium | CVE-2022-2347 severity moderate: SUSE including 3 source package names (u-boot, u-boot-rpi3, u-boot-tools), 48 product×package rows across 26 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (26 product lines)): Known Not Affected 48. | https://www.suse.com/security/cve/CVE-2022-2347/ |
ubuntu
|
medium | CVE-2022-2347 medium priority: Ubuntu including 2 source packages (u-boot, u-boot-nezha), 27 status rows across 14 suites (bionic, focal, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): released 12, ignored 7, DNE 4, needs-triage 3, needed 1. | https://ubuntu.com/security/CVE-2022-2347 |
| URL | Tags |
|---|---|
| https://seclists.org/oss-sec/2022/q3/41 | Exploit Mailing List Third Party Advisory |
| https://lists.debian.org/debian-lts-announce/2025/05/msg00001.html | |
| https://cert-portal.siemens.com/productcert/html/ssa-577017.html |