7 matches found
CVE-2023-26084
The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...
CVE-2023-26084
The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...
Authentication flaw
The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...
CVE-2023-26084
The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...
CVE-2023-26084
The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...
AArch64cryptolib 路径遍历漏洞
AArch64cryptolib is an open source scratch implementation of a cryptographic primitive by Arm Software. A path traversal vulnerability exists in versions prior to AArch64cryptolib 20230220, which stems from the inability of the armv8decaesgcmfull API to validate authentication tags for AES-GCM...
CVE-2023-26084
CVE-2023-26084 affects Arm AArch64cryptolib. The armv8_dec_aes_gcm_full() API fails to verify the AES-GCM authentication tag, due to an improperly initialized variable, enabling potential man-in-the-middle attacks. Affected: Arm AArch64cryptolib versions before 86065c6. Impact: data integrity/aut...