An update for uboot-tools is now available for openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1971 Final 1.0 1.0 2026-04-17 Initial 2026-04-17 2026-04-17 openEuler SA Tool V1.0 2026-04-17 uboot-tools security update An update for uboot-tools is now available for openEuler-22.03-LTS-SP4,openEuler-24.03-LTS,openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-24.03-LTS-SP3,openEuler-20.03-LTS-SP4 This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fw_printenv and fw_setenv programs to read and modify U-Boot's environment. Security Fix(es): Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses.(CVE-2024-42040) An update for uboot-tools is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP1/openEuler-22.03-LTS-SP3/openEuler-22.03-LTS-SP4/openEuler-24.03-LTS/openEuler-24.03-LTS-Next/openEuler-24.03-LTS-SP2/openEuler-24.03-LTS-SP1/openEuler-24.03-LTS-SP3. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High uboot-tools https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1971 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-42040 https://nvd.nist.gov/vuln/detail/CVE-2024-42040 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 uboot-images-armv8-2021.10-12.oe2203sp4.noarch.rpm uboot-tools-help-2021.10-12.oe2203sp4.noarch.rpm uboot-images-armv8-2024.01-4.oe2403.noarch.rpm uboot-tools-help-2024.01-4.oe2403.noarch.rpm uboot-images-armv8-2024.01-4.oe2403sp1.noarch.rpm uboot-tools-help-2024.01-4.oe2403sp1.noarch.rpm uboot-images-armv8-2024.01-4.oe2403sp2.noarch.rpm uboot-tools-help-2024.01-4.oe2403sp2.noarch.rpm uboot-images-armv8-2024.01-4.oe2403sp3.noarch.rpm uboot-tools-help-2024.01-4.oe2403sp3.noarch.rpm uboot-images-armv8-2020.07-11.oe2003sp4.noarch.rpm uboot-tools-help-2020.07-11.oe2003sp4.noarch.rpm uboot-images-elf-2021.10-12.oe2203sp4.aarch64.rpm uboot-tools-2021.10-12.oe2203sp4.aarch64.rpm uboot-tools-debuginfo-2021.10-12.oe2203sp4.aarch64.rpm uboot-tools-debugsource-2021.10-12.oe2203sp4.aarch64.rpm uboot-images-elf-2024.01-4.oe2403.aarch64.rpm uboot-tools-2024.01-4.oe2403.aarch64.rpm uboot-tools-debuginfo-2024.01-4.oe2403.aarch64.rpm uboot-tools-debugsource-2024.01-4.oe2403.aarch64.rpm uboot-images-elf-2024.01-4.oe2403sp1.aarch64.rpm uboot-tools-2024.01-4.oe2403sp1.aarch64.rpm uboot-tools-debuginfo-2024.01-4.oe2403sp1.aarch64.rpm uboot-tools-debugsource-2024.01-4.oe2403sp1.aarch64.rpm uboot-images-elf-2024.01-4.oe2403sp2.aarch64.rpm uboot-tools-2024.01-4.oe2403sp2.aarch64.rpm uboot-tools-debuginfo-2024.01-4.oe2403sp2.aarch64.rpm uboot-tools-debugsource-2024.01-4.oe2403sp2.aarch64.rpm uboot-images-elf-2024.01-4.oe2403sp3.aarch64.rpm uboot-tools-2024.01-4.oe2403sp3.aarch64.rpm uboot-tools-debuginfo-2024.01-4.oe2403sp3.aarch64.rpm uboot-tools-debugsource-2024.01-4.oe2403sp3.aarch64.rpm uboot-images-elf-2020.07-11.oe2003sp4.aarch64.rpm uboot-tools-2020.07-11.oe2003sp4.aarch64.rpm uboot-tools-debuginfo-2020.07-11.oe2003sp4.aarch64.rpm uboot-tools-debugsource-2020.07-11.oe2003sp4.aarch64.rpm uboot-tools-2021.10-12.oe2203sp4.src.rpm uboot-tools-2024.01-4.oe2403.src.rpm uboot-tools-2024.01-4.oe2403sp1.src.rpm uboot-tools-2024.01-4.oe2403sp2.src.rpm uboot-tools-2024.01-4.oe2403sp3.src.rpm uboot-tools-2020.07-11.oe2003sp4.src.rpm uboot-tools-2021.10-12.oe2203sp4.x86_64.rpm uboot-tools-debuginfo-2021.10-12.oe2203sp4.x86_64.rpm uboot-tools-debugsource-2021.10-12.oe2203sp4.x86_64.rpm uboot-tools-2024.01-4.oe2403.x86_64.rpm uboot-tools-debuginfo-2024.01-4.oe2403.x86_64.rpm uboot-tools-debugsource-2024.01-4.oe2403.x86_64.rpm uboot-tools-2024.01-4.oe2403sp1.x86_64.rpm uboot-tools-debuginfo-2024.01-4.oe2403sp1.x86_64.rpm uboot-tools-debugsource-2024.01-4.oe2403sp1.x86_64.rpm uboot-tools-2024.01-4.oe2403sp2.x86_64.rpm uboot-tools-debuginfo-2024.01-4.oe2403sp2.x86_64.rpm uboot-tools-debugsource-2024.01-4.oe2403sp2.x86_64.rpm uboot-tools-2024.01-4.oe2403sp3.x86_64.rpm uboot-tools-debuginfo-2024.01-4.oe2403sp3.x86_64.rpm uboot-tools-debugsource-2024.01-4.oe2403sp3.x86_64.rpm uboot-tools-2020.07-11.oe2003sp4.x86_64.rpm uboot-tools-debuginfo-2020.07-11.oe2003sp4.x86_64.rpm uboot-tools-debugsource-2020.07-11.oe2003sp4.x86_64.rpm Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses. 2026-04-17 CVE-2024-42040 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-24.03-LTS-SP3 openEuler-20.03-LTS-SP4 High 8.1 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H uboot-tools security update 2026-04-17 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1971