109 matches found
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected Intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
CVE-2019-0117
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected Intel GPU with the ability to execute code to interpret the contents of the SGX protected memory. Mitigation As of this time...
Buffer overflow
An issue was discovered in the Texas Instruments TI TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory (XOM) implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash...
The vulnerability of the Windows Audio service on the Windows operating system allows a perpetrator to gain access to protected information.
The vulnerability of the Windows Audio service in the Windows operating system is related to errors in processing objects in memory. Exploiting this vulnerability can allow an attacker to gain access to protected information stored in the memory of a privileged process...
Qiku 360 Phone N6 Pro 1801-A01 Denial of Service Vulnerability
The Qiku 360 Phone N6 Pro 1801-A01 is a smartphone from the Chinese company Qiku Internet Technology. A denial of service vulnerability exists in the /dev/block/mmcblk0rpmb driver kernel module in the Qiku 360 Phone N6 Pro 1801-A01, which can be exploited to cause a denial of service null pointer...
Elevation of Privilege Vulnerability in Multiple Qualcomm Products
The Qualcomm SD 210 and others are central processing unit (CPU) products for mobile devices from Qualcomm Incorporated. An elevation of privilege vulnerability exists in multiple Qualcomm products. An attacker could exploit the vulnerability to remove the RPMB...
hw: cpu: speculative store bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...
The vulnerability of the RPMB (Replay Protected Memory Block) processor in Android operating systems allows a hacker to trigger buffer overflows.
The vulnerability of the RPMB (Replay Protected Memory Block) processor in Android operating systems arises from an error in calculating the size of memory buffers. Exploiting this vulnerability can allow a remote attacker to trigger buffer overflows...
Design/Logic Flaw
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block...
The vulnerability of the AMD Secure Processor implementation in EPYC Server processors allows for reading from the protected area of the processor.
The vulnerability of the AMD Secure Processor implementation in EPYC Server processors lies in the deficiencies in the implementation of the loader responsible for verifying the functionality of the hardware, as well as for launching the AMD Secure Processor module. Exploiting this vulnerability...
AMD Ryzen, Ryzen Pro and Ryzen Mobile File Write Vulnerability
AMD Ryzen, Ryzen Pro, and Ryzen Mobile are central processing unit (CPU) products from AMD in the United States. A security vulnerability exists in AMD Ryzen, Ryzen Pro, and Ryzen Mobile, which arises from a program that makes it difficult to perform adequate access control on the Secure Processor...
CVE-2018-8933
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3...
Improper access control
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3...
CVE-2018-8933
CVE-2018-8933 affects AMD EPYC Server processors. The vulnerability stems from insufficient access control for protected memory regions (FALLOUT-1/2/3), enabling circumvention of platform security controls and potential unauthorized access to memory. Impact is described as high (confidentiality, ...
Google Android RPMB Driver Qualcomm Component Elevation of Privilege Vulnerability
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Qualcomm component of the Google Android RPMB driver. An attacker can exploit this vulnerability to achieve elevatio...
The vulnerability of the TrustZone component of the Android operating system from the CAF repository, which allows a perpetrator to gain unauthorized access to protected memory.
The vulnerability of the TrustZone component of the Android operating system from the CAF repository relates to the use of an uninitialized variable during system calls. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected memor...
The vulnerability of the Sample App component of the Android operating system from the CAF repository allows a perpetrator to gain unauthorized access to protected memory.
The vulnerability of the Sample App component of the Android operating system in the CAF repository arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected memory...
The vulnerability of the RPMB process in the Android operating system allows a hacker to bypass certificate verification.
The vulnerability of the RPMB process in the Android operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to bypass certificate verification...