CVE-2024-6287

🗓️ 24 Jun 2024 15:37:15Reported by ASRGType

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code

Reporter	Title	Published	Views	Family All 17
CNNVD	Linaro Trusted Firmware-A Security Vulnerability	24 Jun 202400:00	–	cnnvd
Cvelist	CVE-2024-6287 Incorrect Address Range Calculations	24 Jun 202415:37	–	cvelist
Debian CVE	CVE-2024-6287	24 Jun 202415:37	–	debiancve
EUVD	EUVD-2024-47405	3 Oct 202520:07	–	euvd
NVD	CVE-2024-6287	24 Jun 202416:15	–	nvd
OSV	CVE-2024-6287	24 Jun 202416:15	–	osv
OSV	DEBIAN-CVE-2024-6287	24 Jun 202416:15	–	osv
OSV	OESA-2024-2544 arm-trusted-firmware security update	13 Dec 202413:18	–	osv
OSV	OESA-2024-2566 arm-trusted-firmware security update	20 Dec 202413:07	–	osv
OSV	OESA-2024-2567 arm-trusted-firmware security update	20 Dec 202413:07	–	osv

NVD

Node

renesas rcar_gen3Matchv2.5

[
  {
    "defaultStatus": "unaffected",
    "packageName": "arm-trusted-firmware",
    "product": "rcar_gen3_v2.5",
    "programFiles": [
      "https://github.com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.c"
    ],
    "repo": "https://github.com/renesas-rcar/arm-trusted-firmware/",
    "vendor": "Renesas",
    "versions": [
      {
        "changes": [
          {
            "at": "954d488a9798f8fda675c6b57c571b469b298f04",
            "status": "unaffected"
          }
        ],
        "lessThan": "954d488a9798f8fda675c6b57c571b469b298f04",
        "status": "affected",
        "version": "6a96c18c474e6339fab93f54d52aa7dcc4b70e52",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
github	www.github.com/renesas-rcar/arm-trusted-firmware/commit/954d488a9798f8fda675c6b57c571b469b298f04
asrg	www.asrg.io/security-advisories/cve-2024-6287/

21 Nov 2024 09:49Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5 - 7.8

EPSS0.0001

SSVC

CWE-682