Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-25332
HistoryOct 19, 2023 - 10:15 a.m.

Design/Logic Flaw

2023-10-1910:15:00
PRIOn knowledge base
www.prio-n.com
6
aes implementation
texas instruments omap l138
mask rom
timing side channel
secure supervisor privileges
cache contents
timing information
ciphertext inputs
sk_load secure kernel routine
customer encryption key
vulnerability
nvd

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. Using this side channel, the SK_LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK).

References

Related

cve 3
cvelist 3
nvd 3
prion 2
cve
cve
CVE-2022-25332
2023-10-19 10:15:09
CVE-2022-25334
2023-10-19 10:15:09
CVE-2022-25333
2023-10-19 10:15:09
cvelist
cvelist
CVE-2022-25332 SK_LOAD timing side channel during AES module decryption in Texas Instruments OMAP L138
2023-10-19 09:36:24
CVE-2022-25334 Stack overflow on SK_LOAD signature length field in Texas Instruments OMAP L138
2023-10-19 09:36:09
CVE-2022-25333 Flawed SK_LOAD module authenticity check in Texas Instruments OMAP L138
2023-10-19 09:35:03
nvd
nvd
CVE-2022-25332
2023-10-19 10:15:09
CVE-2022-25334
2023-10-19 10:15:09
CVE-2022-25333
2023-10-19 10:15:09
prion
prion
Stack overflow
2023-10-19 10:15:00
Code injection
2023-10-19 10:15:00

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for PRION:CVE-2022-25332
cve3cvelist3nvd3prion2