Flaws in Das U-Boot affect third-party hardware that uses the universal bootloader as an underlying component. They open the door to denial-of-service attacks, device takeover and code-execution. The bugs could allow attackers to gain full control of an impacted device s CPU and modify anything they choose. There are both local and remote paths to exploitation for these flaws, including physical access to external media, such as an SD card or USB drive, to boot from external media.
Source: https://threatpost.com/amazon-kindle-embedded-devices-code-execution/150003/