Lucene search
K

6 matches found

Prion
Prion
added 2023/10/19 10:15 a.m.23 views

Stack overflow

The Texas Instruments OMAP L138 secure variants trusted execution environment TEE lacks a bounds check on the signature size field in the SKLOAD module loading routine, present in mask ROM. A module with a sufficiently large signature field causes a stack overflow, affecting secure kernel data...

4.3CVSS6.7AI score0.00192EPSS
Exploits0References1
Prion
Prion
added 2023/10/19 10:15 a.m.28 views

Code injection

The Texas Instruments OMAP L138 secure variants trusted execution environment TEE performs an RSA check implemented in mask ROM when loading a module through the SKLOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly signed header and appe...

4.3CVSS6.9AI score0.0013EPSS
Exploits0References1
CVE
CVE
added 2023/10/19 9:36 a.m.94 views

CVE-2022-25332

The CVE-2022-25332 entry concerns the Texas Instruments OMAP L138 family (secure variants) TEE in mask ROM. A timing side-channel in the AES implementation can be exploited by an attacker with non-secure supervisor privileges to manipulate cache content and observe timing differences across ciphe...

4.4CVSS5.9AI score0.00099EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/19 9:36 a.m.6 views

CVE-2022-25332 SK_LOAD timing side channel during AES module decryption in Texas Instruments OMAP L138

The AES implementation in the Texas Instruments OMAP L138 secure variants, present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext...

4.4CVSS4.4AI score0.00099EPSS
Exploits0References1
CVE
CVE
added 2023/10/19 9:36 a.m.62 views

CVE-2022-25334

CVE-2022-25334 relates to the Texas Instruments OMAP L138 (secure variants) TEE. The mask ROM SK_LOAD routine has no bounds check on the signature size, so a module with a large signature can overflow the stack and enable arbitrary code execution in the secure supervisor context by overwriting a ...

8.8CVSS6.3AI score0.00192EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2023/08/09 2:47 p.m.8 views

CVE-2022-25332

creationtimestamp| type| source ---|---|--- 2023-08-09 14:47:34+00:00| seen| https://t.me/itsecnews/3047 2023-10-19 14:34:21+00:00| seen| https://t.me/cibsecurity/72554 2023-10-19 14:34:29+00:00| seen| https://t.me/cibsecurity/72559 2023-11-28 00:57:29+00:00| seen| https://t.me/arpsyndicate/624...

4.4CVSS6.4AI score0.00099EPSS
Exploits0References5
Rows per page
Query Builder