Описание
The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is otherwise mapped read only.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 32.5.1 (исключая)
Одновременно
cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*
cpe:2.3:h:nvidia:jetson_tx1:-:*:*:*:*:*:*:*
EPSS
Процентиль: 7%
0.00027
Низкий
6.3 Medium
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
больше 3 лет назад
The ARM TrustZone Technology on which Trusty is based on contains a vulnerability in access permission settings where the portion of the DRAM reserved for TrustZone is identity-mapped by TLK with read, write, and execute permissions, which gives write access to kernel code and data that is otherwise mapped read only.
EPSS
Процентиль: 7%
0.00027
Низкий
6.3 Medium
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-276