U-Boot tools provides utiiities for working with Das U-Boot.
A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier referenced below for details.
In Das U-Boot a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code.
There is no known workaround at this time.
All U-Boot tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-embedded/u-boot-tools-2020.04"