CVE-2020-13910

Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt