CVE-2026-34961
Out-of-Bounds Read in barebox Bootloader via Malicious ext4 Image
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| barebox | barebox | before 2026.04.0 (2026.04.0 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in barebox versions prior to 2026.04.0 and involves out-of-bounds read errors during ext4 filesystem extent parsing. Specifically, the vulnerability arises because the eh_entries field is not properly validated against the buffer capacity in the ext4_common.c file. An attacker can exploit this by providing a malicious ext4 filesystem image through USB, SD card, or network boot, causing the system to perform heap out-of-bounds reads during boot-time filesystem parsing.
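The check the answer above describes as missing, shown as an added example rather than barebox's own ext4_common.c code: a small leaf-node walker that parses the ext4 extent header and refuses to loop over more entries than the buffer it was read from can physically hold. The on-disk layout (12-byte header with magic 0xF30A, 12-byte entries, a 60-byte i_block root) is the public ext4 format; the function names, return codes and the constructed sample nodes are this example's own assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* On-disk ext4 extent-tree layout: a 12-byte header followed by 12-byte entries. */
#define EXT4_EXT_MAGIC          0xF30A
#define EXT4_EXT_HDR_SIZE       12
#define EXT4_EXT_ENTRY_SIZE     12
#define EXT4_INODE_I_BLOCK_SIZE 60   /* the extent root lives in the inode's 60-byte i_block */

struct ext4_extent_header {
    uint16_t eh_magic;
    uint16_t eh_entries;   /* number of valid entries after the header, as claimed by the image */
    uint16_t eh_max;       /* node capacity, also as claimed by the image */
    uint16_t eh_depth;     /* 0 = leaf node */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* Parse an extent header and validate it against the real size of the buffer it came from.
 * Returns 0 on success and a negative code on rejection. On a crafted image both
 * eh_entries and eh_max are attacker-controlled, so neither is trusted on its own. */
int ext4_ext_header_check(const uint8_t *buf, size_t buf_len, struct ext4_extent_header *hdr)
{
    if (buf == NULL || hdr == NULL || buf_len < EXT4_EXT_HDR_SIZE)
        return -1;
    hdr->eh_magic   = rd16(buf + 0);
    hdr->eh_entries = rd16(buf + 2);
    hdr->eh_max     = rd16(buf + 4);
    hdr->eh_depth   = rd16(buf + 6);
    if (hdr->eh_magic != EXT4_EXT_MAGIC)
        return -2;
    /* Entries the buffer can physically hold; eh_max must not exceed that. */
    size_t capacity = (buf_len - EXT4_EXT_HDR_SIZE) / EXT4_EXT_ENTRY_SIZE;
    if (hdr->eh_max > capacity)
        return -3;
    /* Only once eh_max is bounded does "eh_entries <= eh_max" bound the read loop. */
    if (hdr->eh_entries > hdr->eh_max)
        return -4;
    return 0;
}

/* Walk a leaf node and sum ee_len over its entries. No read passes buf + buf_len,
 * because the loop bound was checked against the buffer, not against image-supplied counts. */
int ext4_ext_leaf_total_len(const uint8_t *buf, size_t buf_len, uint32_t *total)
{
    struct ext4_extent_header hdr;
    int rc = ext4_ext_header_check(buf, buf_len, &hdr);
    if (rc != 0)
        return rc;
    if (hdr.eh_depth != 0)
        return -5;                        /* index nodes are out of scope for this example */
    uint32_t sum = 0;
    for (uint16_t i = 0; i < hdr.eh_entries; i++) {
        const uint8_t *e = buf + EXT4_EXT_HDR_SIZE + (size_t)i * EXT4_EXT_ENTRY_SIZE;
        /* struct ext4_extent: ee_block(4) ee_len(2) ee_start_hi(2) ee_start_lo(4) */
        sum += rd16(e + 4);
    }
    *total = sum;
    return 0;
}

/* Constructed 60-byte root node with one leaf extent of ee_len blocks; entries/max are
 * written verbatim so a hostile header can be produced for the scenarios below. */
static void build_root_node(uint8_t *buf, uint16_t entries, uint16_t max, uint16_t ee_len)
{
    memset(buf, 0, EXT4_INODE_I_BLOCK_SIZE);
    wr16(buf + 0, EXT4_EXT_MAGIC);
    wr16(buf + 2, entries);
    wr16(buf + 4, max);
    wr16(buf + 6, 0);                    /* leaf */
    wr32(buf + 8, 1);                    /* eh_generation */
    wr32(buf + 12, 0);                   /* ee_block */
    wr16(buf + 16, ee_len);              /* ee_len */
    wr16(buf + 18, 0);                   /* ee_start_hi */
    wr32(buf + 20, 4096);                /* ee_start_lo */
}

/* Scenario helpers: return the summed length on success, or the parser's negative verdict. */
int scenario_wellformed(void)
{
    uint8_t node[EXT4_INODE_I_BLOCK_SIZE];
    uint32_t total = 0;
    build_root_node(node, 1, 4, 8);      /* (60 - 12) / 12 = 4 entries fit, header claims 4 */
    int rc = ext4_ext_leaf_total_len(node, sizeof node, &total);
    return rc == 0 ? (int)total : rc;
}
int scenario_entries_exceed_max(void)
{
    uint8_t node[EXT4_INODE_I_BLOCK_SIZE];
    uint32_t total = 0;
    build_root_node(node, 1000, 4, 8);   /* eh_entries far beyond the node */
    return ext4_ext_leaf_total_len(node, sizeof node, &total);
}
int scenario_max_exceeds_buffer(void)
{
    uint8_t node[EXT4_INODE_I_BLOCK_SIZE];
    uint32_t total = 0;
    build_root_node(node, 1000, 1000, 8); /* self-consistent header, inconsistent with the buffer */
    return ext4_ext_leaf_total_len(node, sizeof node, &total);
}

int main(void)
{
    printf("well-formed: %d\n", scenario_wellformed());          /* 8 */
    printf("entries > max: %d\n", scenario_entries_exceed_max()); /* -4 */
    printf("max > buffer: %d\n", scenario_max_exceeds_buffer());  /* -3 */
    return 0;
}
```

The point of the two rejection paths is that checking eh_entries against eh_max alone is not enough: a crafted image controls both fields, so the capacity check has to be derived from the size of the buffer the parser actually read (the 60-byte i_block or one filesystem block), and the entry loop must never iterate past that.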
How can this vulnerability impact me?
The impact of this vulnerability is that an attacker can trigger heap out-of-bounds reads, potentially redirecting reads to arbitrary disk offsets. This can lead to unauthorized access to data or system instability during the boot process. The CVSS v3.1 score indicates a moderate severity with a base score of 6.2, highlighting that the vulnerability can cause high impact on availability but does not directly affect confidentiality or integrity.