Lucene search
ASRGCVELIST:CVE-2024-6285HistoryJun 24, 2024 - 3:32 p.m.
CVE-2024-6285 Integer Underflow in Memory Range Check in Renesas RCAR
2024-06-2415:32:13
CWE-191
ASRG
www.cve.org
5
cve-2024-6285
memory range check
renesas rcar
bypassing address restrictions
image loading
7.5 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware.
An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.
CNA Affected
[
{
"defaultStatus": "unaffected",
"packageName": "arm-trusted-firmware",
"product": "rcar_gen3_v2.5",
"programFiles": [
"https://github.com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.c"
],
"repo": "https://github.com/renesas-rcar/arm-trusted-firmware",
"vendor": "Renesas",
"versions": [
{
"changes": [
{
"at": "b596f580637bae919b0ac3a5471422a1f756db3b",
"status": "unaffected"
}
],
"lessThan": "b596f580637bae919b0ac3a5471422a1f756db3b",
"status": "affected",
"version": "c2f286820471ed276c57e603762bd831873e5a17",
"versionType": "git"
}
]
}
]Related
cve
cve
CVE-2024-6285
2024-06-24 16:15:10
vulnrichment
vulnrichment
CVE-2024-6285 Integer Underflow in Memory Range Check in Renesas RCAR
2024-06-24 15:32:13
osv
osv
CVE-2024-6285
2024-06-24 16:15:10
nvd
nvd
CVE-2024-6285
2024-06-24 16:15:10
7.5 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-6285