Описание
In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other firmware update code.
Ссылки
- Issue TrackingPatchVDB Entry
- Issue TrackingPatchVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:arm_trusted_firmware_project:arm_trusted_firmware:1.2:*:*:*:*:*:*:*
cpe:2.3:o:arm_trusted_firmware_project:arm_trusted_firmware:1.3:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00439
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-190
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other firmware update code.
EPSS
Процентиль: 63%
0.00439
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-190