235 matches found
GSD-2021-1002608 iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda
iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.8 by commit...
GSD-2021-1002521 iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda
iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.85 by commit...
STMicroelectronics STM32Cube 安全漏洞
The Stmicroelectronics STMicroelectronics STM32Cube is a microcontroller for embedded systems from STMicroelectronics Switzerland. A security vulnerability exists in the USBHMSCInterfaceInit function in STMicroelectronics STM32Cube Middleware v1.8.0 and earlier versions, which can lead to a denia...
GSD-2021-1000294 spi: stm32: Fix use-after-free on unbind
spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000391 spi: stm32: Fix use-after-free on unbind
spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000391 spi: stm32: Fix use-after-free on unbind
spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
CVE-2020-20949
Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube UM1924. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the...
CVE-2020-20949
Technical details for CVE-2020-20949 are not publicly available in the provided documents. Monitor for updates from vendors/authorities; current sources repeat the vulnerability description without concrete specifics (affected products, versions, or fixes).
Stmicroelectronics Stm32 Crypto Library Package Encryption Problem Vulnerability
The Stmicroelectronics Stm32 Crypto Library Package is a code library from Stmicroelectronics, Inc. that provides cryptographic functionality for the Stm32 family of microcontrollers. The Stmicroelectronics Stm32 Crypto Library Package is vulnerable to a cryptographic issue that could allow an...
PT-2021-10560
Name of the Vulnerable Software and Affected Versions: STM32 cryptographic firmware library software expansion for STM32Cube UM1924 affected versions not specified Description: The issue concerns Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA, which can be exploited using Bleichenbacher's...
STMicroelectronics STM32F1 Information Disclosure Vulnerability
The STMicroelectronics STM32F1 is an ARM Cortex M3-based 32-bit microcontroller from STMicroelectronics, Switzerland. An information disclosure vulnerability exists in the STMicroelectronics STM32F1 that stems from improper access control. An attacker could exploit the vulnerability to gain acces...
Code injection
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...
CVE-2019-14236
The CVE-2019-14236 entry concerns STMicroelectronics STM32L0/L1/L4/F4/F7/H7 microcontrollers where Proprietary Code Read Out Protection (PCROP) can be defeated by observing CPU registers and the effects of code execution. Affected components are PCROP-protected regions on these devices, with the ...
Cesanta Mongoose OS - Use-After-Free
Cesanta Mongoose OS - Use-After-Free COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors:...
Cesanta Mongoose OS - Use-After-Free Vulnerability
Exploit for hardware platform in category dos / poc Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen Stephan Sekula Date: 2017-04-03...