{"id":"CVE-2019-11059","details":"Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.","modified":"2026-04-10T04:14:04.185717Z","published":"2019-05-10T20:29:00.443Z","related":["SUSE-SU-2020:3255-1","SUSE-SU-2020:3256-1","SUSE-SU-2020:3282-1","SUSE-SU-2020:3283-1","SUSE-SU-2020:3474-1","openSUSE-SU-2020:1930-1"],"references":[{"type":"WEB","url":"https://git.denx.de/?p=u-boot.git%3Ba=commit%3Bh=febbc583319b567fe3d83e521cc2ace9be8d1501"},{"type":"FIX","url":"https://github.com/u-boot/u-boot/commits/master"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/u-boot/u-boot","events":[{"introduced":"29e0cfb4f77f7aa369136302cee14a91e22dca71"},{"last_affected":"3c99166441bf3ea325af2da83cfe65430b49c066"},{"introduced":"0"},{"last_affected":"53fec162061811a73c7dab3207f8fdb2343ae289"},{"introduced":"0"},{"last_affected":"d5a815327d2c257fbba108ff46974b1c1d12fd2a"},{"introduced":"0"},{"last_affected":"d8bdfc80da39211d95f10d24e79f2e867305f71b"}],"database_specific":{"versions":[{"introduced":"2016.11"},{"last_affected":"2019.04"},{"introduced":"0"},{"last_affected":"2016.11-rc1"},{"introduced":"0"},{"last_affected":"2016.11-rc2"},{"introduced":"0"},{"last_affected":"2016.11-rc3"}]}}],"versions":["LABEL_2002_11_05_0120","LABEL_2002_11_05_1735","LABEL_2002_11_10_2310","LABEL_2002_11_11_2211","LABEL_2002_11_18_0115","LABEL_2002_11_22_0015","LABEL_2002_12_03_2230","LABEL_2002_12_07_0120","LABEL_2002_12_21_0040","LABEL_2002_12_28_1700","LABEL_2003_01_11_1050","LABEL_2003_01_14_0055","LABEL_2003_02_28_0150","LABEL_2003_03_06_0050","LABEL_2003_03_06_0200","LABEL_2003_03_06_1440","LABEL_2003_03_06_2255","LABEL_2003_03_14_2150","LABEL_2003_03_25_1830","LABEL_2003_03_26_1300","LABEL_2003_03_27_1900","LABEL_2003_04_05_0300","LABEL_2003_04_15_1900","LABEL_2003_05_03_1700","LABEL_2003_05_12_2355","LABEL_2003_05_20_1630","LABEL_2003_05_20_2250","LABEL_2003_05_22_2230","LABEL_2003_05_23_0055","LABEL_2003_05_23_1450","LABEL_2003_05_30_1450","LABEL_2003_05_31_2115","LABEL_2003_06_04_0200","LABEL_2003_06_05_2140","LABEL_2003_06_16_0055","LABEL_2003_06_22_1530","LABEL_2003_06_26_2220","LABEL_2003_06_27_2340","LABEL_2003_06_29_0145","LABEL_2003_09_06_0055","LABEL_2003_09_12_0110","LABEL_2003_09_12_1745","LABEL_2003_09_13_2100","LABEL_2003_09_16_2310","LABEL_2003_09_18_2045","LABEL_2003_10_01_1830","LABEL_2003_10_06_2355","LABEL_2003_10_09_1515","LABEL_2003_10_09_2320","LABEL_2003_10_10_1200","LABEL_2003_10_14_2140","LABEL_2003_10_16_0200","LABEL_2003_10_20_0025","LABEL_2003_11_26_MKR","LABEL_2003_12_06_1550","LABEL_2004_01_21_2110","LABEL_2004_01_29_1030","LABEL_2004_02_11_2240","LABEL_2004_02_20_2310","LABEL_2004_02_24_0305","LABEL_2004_03_12_0130","LABEL_2004_03_14_2340","LABEL_2004_03_16_2330","LABEL_2004_03_25_1630","LABEL_2004_04_18_2135","LABEL_2004_04_23_2240","LABEL_2004_05_19_2335","LABEL_2004_05_29_1850","LABEL_2004_06_24_1800","LABEL_2004_07_01_1200","LABEL_2004_08_28_2355","LABEL_2004_08_29_0045","LABEL_2004_09_09_0000","LABEL_2004_10_12_0110","LABEL_2004_10_20_0020","LABEL_2004_11_17_2222","LABEL_2004_11_25_0035","LABEL_2004_12_18_2335","LABEL_2004_12_19_1100","LABEL_2004_12_19_2240","LABEL_2004_12_20_1220","LABEL_2005_01_31_2245","LABEL_2005_02_07_2045","LABEL_2005_02_08_1615","LABEL_2005_02_28_0050","LABEL_2005_03_06_0225","LABEL_2005_03_15_0125","LABEL_2005_04_05_1830","LABEL_2005_04_05_2345","LABEL_2005_04_14_0115","LABEL_2005_05_05_1920","LABEL_2005_05_09_1245","LABEL_2005_05_13_0050","LABEL_2005_07_04_0202","LABEL_2005_09_15_2320","LABEL_2006_04_18_1106","LABEL_2006_05_10_1800","LABEL_2006_05_19_1133","LABEL_2006_06_30_2020","U-Boot-0_2_0","U-Boot-0_3_0","U-Boot-0_3_1","U-Boot-0_4_0","U-Boot-0_4_1","U-Boot-0_4_2","U-Boot-0_4_3","U-Boot-0_4_4","U-Boot-0_4_5","U-Boot-0_4_6","U-Boot-0_4_7","U-Boot-0_4_8","U-Boot-1_0_0","U-Boot-1_0_1","U-Boot-1_0_2","U-Boot-1_1_0","U-Boot-1_1_1","U-Boot-1_1_2","U-Boot-1_1_3","U-Boot-1_1_4","U-Boot-1_1_6","U-Boot-1_2_0","v1.3.1","v1.3.1-rc1","v1.3.2","v1.3.2-rc2","v1.3.2-rc3","v1.3.3","v1.3.3-rc1","v1.3.3-rc2","v1.3.3-rc3","v2008.10-rc2","v2009.01","v2009.01-rc1","v2009.01-rc2","v2009.01-rc3","v2009.03","v2009.03-rc1","v2009.03-rc2","v2009.06","v2009.06-rc1","v2009.06-rc2","v2009.06-rc3","v2009.08","v2009.08-rc1","v2009.08-rc2","v2009.08-rc3","v2009.11","v2009.11-rc1","v2009.11-rc2","v2010.03","v2010.03-rc1","v2010.03-rc2","v2010.03-rc3","v2010.06-rc1","v2010.06-rc2","v2010.09","v2010.09-rc1","v2010.12","v2010.12-rc1","v2010.12-rc2","v2010.12-rc3","v2011.03","v2011.03-rc1","v2011.03-rc2","v2011.06","v2011.06-rc1","v2011.06-rc2","v2011.06-rc3","v2011.09","v2011.09-rc1","v2011.09-rc2","v2011.12","v2011.12-rc1","v2011.12-rc2","v2011.12-rc3","v2012.04","v2012.04-rc1","v2012.04-rc2","v2012.04-rc3","v2012.04.01","v2012.07","v2012.07-rc1","v2012.07-rc2","v2012.07-rc3","v2012.10","v2012.10-rc1","v2012.10-rc2","v2012.10-rc3","v2013.01","v2013.01-rc1","v2013.01-rc2","v2013.01-rc3","v2013.04","v2013.04-rc1","v2013.04-rc2","v2013.04-rc3","v2013.07","v2013.07-rc1","v2013.07-rc2","v2013.07-rc3","v2013.10","v2013.10-rc1","v2013.10-rc2","v2013.10-rc3","v2013.10-rc4","v2014.01-rc1","v2014.04","v2014.07","v2014.07-rc1","v2014.07-rc2","v2014.07-rc3","v2014.07-rc4","v2014.10","v2014.10-rc1","v2014.10-rc2","v2014.10-rc3","v2015.01","v2015.01-rc1","v2015.01-rc2","v2015.01-rc3","v2015.01-rc4","v2015.04","v2015.04-rc1","v2015.04-rc2","v2015.04-rc3","v2015.04-rc4","v2015.04-rc5","v2015.07","v2015.07-rc1","v2015.07-rc2","v2015.07-rc3","v2015.10","v2015.10-rc1","v2015.10-rc2","v2015.10-rc3","v2015.10-rc4","v2015.10-rc5","v2016.01","v2016.01-rc1","v2016.01-rc2","v2016.01-rc3","v2016.01-rc4","v2016.03","v2016.03-rc1","v2016.03-rc2","v2016.03-rc3","v2016.05","v2016.05-rc1","v2016.05-rc2","v2016.05-rc3","v2016.07","v2016.07-rc1","v2016.07-rc2","v2016.07-rc3","v2016.09","v2016.09-rc1","v2016.09-rc2","v2016.11","v2016.11-rc1","v2016.11-rc2","v2016.11-rc3","v2017.01","v2017.01-rc1","v2017.01-rc2","v2017.01-rc3","v2017.03","v2017.03-rc1","v2017.03-rc2","v2017.03-rc3","v2017.05","v2017.05-rc1","v2017.05-rc2","v2017.05-rc3","v2017.07","v2017.07-rc1","v2017.07-rc2","v2017.07-rc3","v2017.09","v2017.09-rc1","v2017.09-rc2","v2017.09-rc3","v2017.09-rc4","v2017.11","v2017.11-rc1","v2017.11-rc2","v2017.11-rc3","v2017.11-rc4","v2018.01","v2018.01-rc1","v2018.01-rc2","v2018.01-rc3","v2018.03","v2018.03-rc1","v2018.03-rc2","v2018.03-rc3","v2018.03-rc4","v2018.05","v2018.05-rc1","v2018.05-rc2","v2018.05-rc3","v2018.07","v2018.07-rc1","v2018.07-rc2","v2018.07-rc3","v2018.09","v2018.09-rc1","v2018.09-rc2","v2018.09-rc3","v2018.11","v2018.11-rc1","v2018.11-rc2","v2018.11-rc3","v2019.01","v2019.01-rc1","v2019.01-rc2","v2019.01-rc3","v2019.04","v2019.04-rc1","v2019.04-rc2","v2019.04-rc3","v2019.04-rc4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11059.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}