Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-34963— barebox EFI PE Loader Memory Safety Vulnerabilities

CVSS 8.4 · High EPSS 0.02% · P5

Affected Version Matrix 1

VendorProductVersion RangeStatus
bareboxbarebox≤ 2026.04.0affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-34963

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
barebox EFI PE Loader Memory Safety Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section loading logic fails to validate that PointerToRawData plus copied size remains within the PE file buffer. An attacker can supply a malicious EFI PE binary via TFTP, USB, SD card, or network boot to trigger heap buffer overflow or out-of-bounds read from heap memory, potentially achieving code execution in bootloader context.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
整数溢出或超界折返
Source: NVD (National Vulnerability Database)
Vulnerability Title
Barebox 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Barebox是Barebox开源的一个多功能且灵活的引导加载程序。 barebox 2026.04.0之前版本存在输入验证错误漏洞,该漏洞源于EFI PE加载器中整数溢出和未验证边界,可能导致攻击者提供恶意EFI PE二进制文件触发堆缓冲区溢出或越界读取并可能在引导加载程序环境中执行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
bareboxbarebox 0 ~ 2026.04.0 -

II. Public POCs for CVE-2026-34963

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-34963

登录查看更多情报信息。

Same Patch Batch · barebox · 2026-05-11 · 4 CVEs total

CVE-2026-349606.5 MEDIUMbarebox Out-of-Bounds Read in DHCP Option Parsing
CVE-2026-349626.2 MEDIUMbarebox ext4 Directory Parsing Infinite Loop Denial of Service
CVE-2026-349616.2 MEDIUMbarebox ext4 Extent Parsing Out-of-Bounds Read

IV. Related Vulnerabilities

Same product: barebox
Same vendor: barebox
Same weakness: CWE-190

V. Comments for CVE-2026-34963

No comments yet

Leave a comment