Lucene search
GoogleOSV:CVE-2024-6564HistoryJul 08, 2024 - 4:15 p.m.
CVE-2024-6564
2024-07-0816:15:00
Google
osv.dev
2
buffer overflow
rcar_dev_init
untrusted data
loop counter
verification
secure boot
software
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0
Percentile
9.2%
Buffer overflow in “rcar_dev_init” due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.
Related
cve
cve
CVE-2024-6564
2024-07-08 16:15:09
cvelist
cvelist
CVE-2024-6564 Buffer overflow in Rensas RCAR
2024-07-08 15:18:17
nvd
nvd
CVE-2024-6564
2024-07-08 16:15:09
debiancve
debiancve
CVE-2024-6564
2024-07-08 16:15:09
vulnrichment
vulnrichment
CVE-2024-6564 Buffer overflow in Rensas RCAR
2024-07-08 15:18:17
ubuntucve
ubuntucve
CVE-2024-6564
2024-07-08 00:00:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0
Percentile
9.2%
Related for OSV:CVE-2024-6564