CVE-2026-34155 PUBLISHED

RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB

Assigner: GitHub_M
Reserved: 25.03.2026 Published: 31.03.2026 Updated: 31.03.2026

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a legitimate signature, an attacker can modify the part of the payload which is not covered by the signature. This issue has been patched in version 1.15.2.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:H/SI:H/SA:H
CVSS Score: 7.2

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	Low	Confidentiality	High
Attack Complexity	Low	Integrity	High	Integrity	High
Attack Requirements	Present	Availability	None	Availability	High
Privileges Required	Low
User Interaction	Passive

CVSS 4.0

Product Status

Vendor	rauc
Product	rauc
Versions	Version < 1.15.2 is affected

References

Problem Types

CWE-196: Unsigned to Signed Conversion Error CWE
CWE-347: Improper Verification of Cryptographic Signature CWE