{"id":"CVE-2021-27138","details":"The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT.","modified":"2026-04-11T13:54:03.377521Z","published":"2021-02-17T23:15:13.717Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00037.html"},{"type":"FIX","url":"https://github.com/u-boot/u-boot/commit/3f04db891a353f4b127ed57279279f851c6b4917"},{"type":"FIX","url":"https://github.com/u-boot/u-boot/commit/79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4"},{"type":"FIX","url":"https://github.com/u-boot/u-boot/commit/b6f4c757959f8850e1299a77c8e5713da78e8ec0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/u-boot/u-boot","events":[{"introduced":"0"},{"last_affected":"c4fddedc48f336eabc4ce3f74940e6aa372de18c"},{"introduced":"0"},{"last_affected":"1aa9c3b9308763f9b1d3e31a02276baf98245945"},{"fixed":"3f04db891a353f4b127ed57279279f851c6b4917"},{"fixed":"79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4"},{"fixed":"b6f4c757959f8850e1299a77c8e5713da78e8ec0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2021.01"},{"introduced":"0"},{"last_affected":"2021.04-rc1"}]}}],"versions":["LABEL_2002_11_05_0120","LABEL_2002_11_05_1735","LABEL_2002_11_10_2310","LABEL_2002_11_11_2211","LABEL_2002_11_18_0115","LABEL_2002_11_22_0015","LABEL_2002_12_03_2230","LABEL_2002_12_07_0120","LABEL_2002_12_21_0040","LABEL_2002_12_28_1700","LABEL_2003_01_11_1050","LABEL_2003_01_14_0055","LABEL_2003_02_28_0150","LABEL_2003_03_06_0050","LABEL_2003_03_06_0200","LABEL_2003_03_06_1440","LABEL_2003_03_06_2255","LABEL_2003_03_14_2150","LABEL_2003_03_25_1830","LABEL_2003_03_26_1300","LABEL_2003_03_27_1900","LABEL_2003_04_05_0300","LABEL_2003_04_15_1900","LABEL_2003_05_03_1700","LABEL_2003_05_12_2355","LABEL_2003_05_20_1630","LABEL_2003_05_20_2250","LABEL_2003_05_22_2230","LABEL_2003_05_23_0055","LABEL_2003_05_23_1450","LABEL_2003_05_30_1450","LABEL_2003_05_31_2115","LABEL_2003_06_04_0200","LABEL_2003_06_05_2140","LABEL_2003_06_16_0055","LABEL_2003_06_22_1530","LABEL_2003_06_26_2220","LABEL_2003_06_27_2340","LABEL_2003_06_29_0145","LABEL_2003_09_06_0055","LABEL_2003_09_12_0110","LABEL_2003_09_12_1745","LABEL_2003_09_13_2100","LABEL_2003_09_16_2310","LABEL_2003_09_18_2045","LABEL_2003_10_01_1830","LABEL_2003_10_06_2355","LABEL_2003_10_09_1515","LABEL_2003_10_09_2320","LABEL_2003_10_10_1200","LABEL_2003_10_14_2140","LABEL_2003_10_16_0200","LABEL_2003_10_20_0025","LABEL_2003_11_26_MKR","LABEL_2003_12_06_1550","LABEL_2004_01_21_2110","LABEL_2004_01_29_1030","LABEL_2004_02_11_2240","LABEL_2004_02_20_2310","LABEL_2004_02_24_0305","LABEL_2004_03_12_0130","LABEL_2004_03_14_2340","LABEL_2004_03_16_2330","LABEL_2004_03_25_1630","LABEL_2004_04_18_2135","LABEL_2004_04_23_2240","LABEL_2004_05_19_2335","LABEL_2004_05_29_1850","LABEL_2004_06_24_1800","LABEL_2004_07_01_1200","LABEL_2004_08_28_2355","LABEL_2004_08_29_0045","LABEL_2004_09_09_0000","LABEL_2004_10_12_0110","LABEL_2004_10_20_0020","LABEL_2004_11_17_2222","LABEL_2004_11_25_0035","LABEL_2004_12_18_2335","LABEL_2004_12_19_1100","LABEL_2004_12_19_2240","LABEL_2004_12_20_1220","LABEL_2005_01_31_2245","LABEL_2005_02_07_2045","LABEL_2005_02_08_1615","LABEL_2005_02_28_0050","LABEL_2005_03_06_0225","LABEL_2005_03_15_0125","LABEL_2005_04_05_1830","LABEL_2005_04_05_2345","LABEL_2005_04_14_0115","LABEL_2005_05_05_1920","LABEL_2005_05_09_1245","LABEL_2005_05_13_0050","LABEL_2005_07_04_0202","LABEL_2005_09_15_2320","LABEL_2006_04_18_1106","LABEL_2006_05_10_1800","LABEL_2006_05_19_1133","LABEL_2006_06_30_2020","U-Boot-0_2_0","U-Boot-0_3_0","U-Boot-0_3_1","U-Boot-0_4_0","U-Boot-0_4_1","U-Boot-0_4_2","U-Boot-0_4_3","U-Boot-0_4_4","U-Boot-0_4_5","U-Boot-0_4_6","U-Boot-0_4_7","U-Boot-0_4_8","U-Boot-1_0_0","U-Boot-1_0_1","U-Boot-1_0_2","U-Boot-1_1_0","U-Boot-1_1_1","U-Boot-1_1_2","U-Boot-1_1_3","U-Boot-1_1_4","U-Boot-1_1_6","U-Boot-1_2_0","v1.3.1","v1.3.1-rc1","v1.3.2","v1.3.2-rc2","v1.3.2-rc3","v1.3.3","v1.3.3-rc1","v1.3.3-rc2","v1.3.3-rc3","v2008.10-rc2","v2009.01","v2009.01-rc1","v2009.01-rc2","v2009.01-rc3","v2009.03","v2009.03-rc1","v2009.03-rc2","v2009.06","v2009.06-rc1","v2009.06-rc2","v2009.06-rc3","v2009.08","v2009.08-rc1","v2009.08-rc2","v2009.08-rc3","v2009.11","v2009.11-rc1","v2009.11-rc2","v2010.03","v2010.03-rc1","v2010.03-rc2","v2010.03-rc3","v2010.06-rc1","v2010.06-rc2","v2010.09","v2010.09-rc1","v2010.12","v2010.12-rc1","v2010.12-rc2","v2010.12-rc3","v2011.03","v2011.03-rc1","v2011.03-rc2","v2011.06","v2011.06-rc1","v2011.06-rc2","v2011.06-rc3","v2011.09","v2011.09-rc1","v2011.09-rc2","v2011.12","v2011.12-rc1","v2011.12-rc2","v2011.12-rc3","v2012.04","v2012.04-rc1","v2012.04-rc2","v2012.04-rc3","v2012.04.01","v2012.07","v2012.07-rc1","v2012.07-rc2","v2012.07-rc3","v2012.10","v2012.10-rc1","v2012.10-rc2","v2012.10-rc3","v2013.01","v2013.01-rc1","v2013.01-rc2","v2013.01-rc3","v2013.04","v2013.04-rc1","v2013.04-rc2","v2013.04-rc3","v2013.07","v2013.07-rc1","v2013.07-rc2","v2013.07-rc3","v2013.10","v2013.10-rc1","v2013.10-rc2","v2013.10-rc3","v2013.10-rc4","v2014.01-rc1","v2014.04","v2014.07","v2014.07-rc1","v2014.07-rc2","v2014.07-rc3","v2014.07-rc4","v2014.10","v2014.10-rc1","v2014.10-rc2","v2014.10-rc3","v2015.01","v2015.01-rc1","v2015.01-rc2","v2015.01-rc3","v2015.01-rc4","v2015.04","v2015.04-rc1","v2015.04-rc2","v2015.04-rc3","v2015.04-rc4","v2015.04-rc5","v2015.07","v2015.07-rc1","v2015.07-rc2","v2015.07-rc3","v2015.10","v2015.10-rc1","v2015.10-rc2","v2015.10-rc3","v2015.10-rc4","v2015.10-rc5","v2016.01","v2016.01-rc1","v2016.01-rc2","v2016.01-rc3","v2016.01-rc4","v2016.03","v2016.03-rc1","v2016.03-rc2","v2016.03-rc3","v2016.05","v2016.05-rc1","v2016.05-rc2","v2016.05-rc3","v2016.07","v2016.07-rc1","v2016.07-rc2","v2016.07-rc3","v2016.09","v2016.09-rc1","v2016.09-rc2","v2016.11","v2016.11-rc1","v2016.11-rc2","v2016.11-rc3","v2017.01","v2017.01-rc1","v2017.01-rc2","v2017.01-rc3","v2017.03","v2017.03-rc1","v2017.03-rc2","v2017.03-rc3","v2017.05","v2017.05-rc1","v2017.05-rc2","v2017.05-rc3","v2017.07","v2017.07-rc1","v2017.07-rc2","v2017.07-rc3","v2017.09","v2017.09-rc1","v2017.09-rc2","v2017.09-rc3","v2017.09-rc4","v2017.11","v2017.11-rc1","v2017.11-rc2","v2017.11-rc3","v2017.11-rc4","v2018.01","v2018.01-rc1","v2018.01-rc2","v2018.01-rc3","v2018.03","v2018.03-rc1","v2018.03-rc2","v2018.03-rc3","v2018.03-rc4","v2018.05","v2018.05-rc1","v2018.05-rc2","v2018.05-rc3","v2018.07","v2018.07-rc1","v2018.07-rc2","v2018.07-rc3","v2018.09","v2018.09-rc1","v2018.09-rc2","v2018.09-rc3","v2018.11","v2018.11-rc1","v2018.11-rc2","v2018.11-rc3","v2019.01","v2019.01-rc1","v2019.01-rc2","v2019.01-rc3","v2019.04","v2019.04-rc1","v2019.04-rc2","v2019.04-rc3","v2019.04-rc4","v2019.07","v2019.07-rc1","v2019.07-rc2","v2019.07-rc3","v2019.07-rc4","v2019.10","v2019.10-rc1","v2019.10-rc2","v2019.10-rc3","v2019.10-rc4","v2020.01","v2020.01-rc1","v2020.01-rc2","v2020.01-rc3","v2020.01-rc4","v2020.01-rc5","v2020.04","v2020.04-rc1","v2020.04-rc2","v2020.04-rc3","v2020.04-rc4","v2020.04-rc5","v2020.07","v2020.07-rc1","v2020.07-rc2","v2020.07-rc3","v2020.07-rc4","v2020.07-rc5","v2020.10","v2020.10-rc1","v2020.10-rc2","v2020.10-rc3","v2020.10-rc4","v2020.10-rc5","v2021.01","v2021.01-rc1","v2021.01-rc2","v2021.01-rc3","v2021.01-rc4","v2021.01-rc5","v2021.04-rc1"],"database_specific":{"vanir_signatures_modified":"2026-04-11T13:54:03Z","vanir_signatures":[{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-02036218","source":"https://github.com/u-boot/u-boot/commit/3f04db891a353f4b127ed57279279f851c6b4917","digest":{"threshold":0.9,"line_hashes":["206856508165849262040274073993952403070","304783466366752167541973436966665946442","268958288493425403732993653241428987256","277205223280339506418444932177697617516","197179099896726087065164258855455082802","26599414204928692504942038743648912792","286618880431999553200412047850656626328","244927841958445472430618619291813551738","131248012549056531505366231243170636773","270530230831600292090924205428814315753","114059787882482014005502430218675156163","188159315192499096251537145109869566095","48125076312158927075600883884517612461","5536172035312072026557161107768013497","228927715772545964427251778076669857616","246877777238379429185228436817314052935","285595166508259713416259403651795256568"]},"target":{"file":"common/image-fit.c"},"signature_type":"Line"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-18c9991a","source":"https://github.com/u-boot/u-boot/commit/79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4","digest":{"threshold":0.9,"line_hashes":["28376415573663989928742004722550448505","30477741881236117194070548264133640168","68914535720359400916432037813842174857","50495324263926166541470236522161231341","161859495348476090214883368417860530505","106130908286084267008211589576895982086","126371989062421587352211608125753014804","66382178942025131586553529967955656317","293473330612143103103907508200957991587","27566444765426004275981525411826167662","66332427514533188291902636138180808273","89563995727513774014385754408226547243"]},"target":{"file":"common/image-fit-sig.c"},"signature_type":"Line"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-321192b1","source":"https://github.com/u-boot/u-boot/commit/79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4","digest":{"threshold":0.9,"line_hashes":["186413313942904105194495494385495944217","208379399041551172917913136420623780609","51026304443043001372045773512009437006","72037666624059546477143695012808636181","226737818266534359708511228617443994535","338243742869174390634109635977112111132","221164147428764310386622185201074087844","135222611370140023642036545351613648436","158194882789575764506738113603075254454","73031900201207140715497597745192203597","165502494895329840701348614288140271964","233115323860955451059491678110945801168","339874264635864788935358231644586643266","142412036479376143757588993746569951010","156103134567624619111188921663581498814","271743152461757973064921977660547572773"]},"target":{"file":"common/image-fit.c"},"signature_type":"Line"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-57c9d33a","source":"https://github.com/u-boot/u-boot/commit/79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4","digest":{"function_hash":"333365649679331267956624585490010087736","length":838},"target":{"file":"common/image-fit-sig.c","function":"fit_image_verify_sig"},"signature_type":"Function"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-617037f9","source":"https://github.com/u-boot/u-boot/commit/3f04db891a353f4b127ed57279279f851c6b4917","digest":{"function_hash":"314648990520064986228000964536005924926","length":858},"target":{"file":"common/image-fit.c","function":"fit_check_format"},"signature_type":"Function"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-908f39db","source":"https://github.com/u-boot/u-boot/commit/79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4","digest":{"function_hash":"128940894763495258815411574405941376322","length":416},"target":{"file":"common/image-fit.c","function":"fit_image_verify"},"signature_type":"Function"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-b615fbf1","source":"https://github.com/u-boot/u-boot/commit/3f04db891a353f4b127ed57279279f851c6b4917","digest":{"function_hash":"105907397535894568390298830622826904957","length":5573},"target":{"file":"common/image-fit.c","function":"fit_image_load"},"signature_type":"Function"},{"signature_version":"v1","deprecated":false,"id":"CVE-2021-27138-dfaf0ebc","source":"https://github.com/u-boot/u-boot/commit/79af75f7776fc20b0d7eb6afe1e27c00fdb4b9b4","digest":{"function_hash":"232815068828677370244000028361701345583","length":1084},"target":{"file":"common/image-fit-sig.c","function":"fit_config_verify_required_sigs"},"signature_type":"Function"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-27138.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}