History: Jul 08, 2024 - 4:15 p.m.

CVE-2024-6564

2024-07-08 16:15:09
CWE-120
ASRG
web.nvd.nist.gov
buffer overflow
rcar_dev_init
untrusted data
secure boot bypass

CVSS3: 6.7

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS: 0
Percentile: 9.2%

Buffer overflow in “rcar_dev_init” due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

Affected configurations

Nvd

Node: renesas arm-trusted-firmware, Match: -

Vendor: renesas
Product: arm-trusted-firmware
Version: -
CPE: cpe:2.3:o:renesas:arm-trusted-firmware:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "arm-trusted-firmware",
    "product": "rcar_gen3_v2.5",
    "programFiles": [
      "https://github.com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.c"
    ],
    "repo": "https://github.com/renesas-rcar/arm-trusted-firmware/",
    "vendor": "Renesas",
    "versions": [
      {
        "lessThanOrEqual": "c9fb3558410032d2660c7f3b7d4b87dec09fe2f2",
        "status": "affected",
        "version": "c2f286820471ed276c57e603762bd831873e5a17",
        "versionType": "git"
      }
    ]
  }
]
