Launchpad.net

CVE 2019-13105

Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem.

See the CVE page on Mitre.org for more details.