{"id":"CVE-2019-11059","details":"Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow.","modified":"2026-07-08T16:07:40.568231Z","published":"2019-05-10T20:29:00.443Z","related":["SUSE-SU-2020:3255-1","SUSE-SU-2020:3256-1","SUSE-SU-2020:3282-1","SUSE-SU-2020:3283-1","SUSE-SU-2020:3474-1","openSUSE-SU-2020:1930-1"],"references":[{"type":"WEB","url":"https://git.denx.de/?p=u-boot.git%3Ba=commit%3Bh=febbc583319b567fe3d83e521cc2ace9be8d1501"},{"type":"FIX","url":"https://github.com/u-boot/u-boot/commits/master"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/u-boot/u-boot","events":[{"introduced":"29e0cfb4f77f7aa369136302cee14a91e22dca71"},{"last_affected":"3c99166441bf3ea325af2da83cfe65430b49c066"},{"introduced":"53fec162061811a73c7dab3207f8fdb2343ae289"},{"last_affected":"d8bdfc80da39211d95f10d24e79f2e867305f71b"}],"database_specific":{"cpe":["cpe:2.3:a:denx:u-boot:*:*:*:*:*:*:*:*","cpe:2.3:a:denx:u-boot:2016.11:rc1:*:*:*:*:*:*","cpe:2.3:a:denx:u-boot:2016.11:rc2:*:*:*:*:*:*","cpe:2.3:a:denx:u-boot:2016.11:rc3:*:*:*:*:*:*"],"source":["CPE_RANGE","CPE_STRING"],"extracted_events":[{"introduced":"2016.11"},{"last_affected":"2019.04"},{"introduced":"2016.11-rc1"},{"last_affected":"2016.11-rc1"},{"introduced":"2016.11-rc2"},{"last_affected":"2016.11-rc2"},{"introduced":"2016.11-rc3"},{"last_affected":"2016.11-rc3"}]}}],"versions":["2016.11-rc1","2016.11-rc2","2016.11-rc3","v2019.04","v2019.04-rc4","v2019.04-rc3","v2019.04-rc2","v2019.04-rc1","v2019.01","v2019.01-rc3","v2019.01-rc2","v2019.01-rc1","v2018.11","v2018.11-rc3","v2018.11-rc2","v2018.11-rc1","v2018.09","v2018.09-rc3","v2018.09-rc2","v2018.09-rc1","v2018.07","v2018.07-rc3","v2018.07-rc2","v2018.07-rc1","v2018.05","v2018.05-rc3","v2018.05-rc2","v2018.05-rc1","v2018.03","v2018.03-rc4","v2018.03-rc3","v2018.03-rc2","v2018.03-rc1","v2018.01","v2018.01-rc3","v2018.01-rc2","v2018.01-rc1","v2017.11","v2017.11-rc4","v2017.11-rc3","v2017.11-rc2","v2017.11-rc1","v2017.09","v2017.09-rc4","v2017.09-rc3","v2017.09-rc2","v2017.09-rc1","v2017.07","v2017.07-rc3","v2017.07-rc2","v2017.07-rc1","v2017.05","v2017.05-rc3","v2017.05-rc2","v2017.05-rc1","v2017.03","v2017.03-rc3","v2017.03-rc2","v2017.03-rc1","v2017.01","v2017.01-rc3","v2017.01-rc2","v2017.01-rc1","v2016.11","v2016.11-rc3","v2016.11-rc2","v2016.11-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11059.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}