I apologize if I missed it, but I haven't see any mention of this recent vulnerability here, excerpts below.
http://www.kb.cert.org/vuls/id/166743 -----snip----- Vulnerability Note VU#166743 Das U-Boot AES-CBC encryption implementation contains multiple vulnerabilities Original Release date: 08 Sep 2017 Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper handling of an error condition may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. An attacker with physical access to the device may be able to decrypt the device's contents. The CERT/CC is currently unaware of a practical solution to this problem. -----snip----- _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot