157 matches found
PT-2023-30825 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by a logic error in the code, allowing the secure world to write to NS memory. This could lead to local escalation of privilege, wit...
PT-2023-12740 · Suse · Suse
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a potential limited loss of guest memory integrity due to SMM configuration not being immutable as intended when SNP is enabled...
CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image...
Memory corruption
Memory Corruption in Core due to secure memory access by user while loading modem image...
CVE-2023-24852
CVE-2023-24852 describes memory corruption in the Core component when a user performs secure memory access during modem image loading. The vulnerability is local and impacts confidentiality, integrity, and availability (per CVSS metrics with LOCAL access, LOW attack complexity, NONE user interact...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a user performing a secure memory access while loading a modem image that results in core memory corruption...
PT-2023-19827 · Core · Core
Name of the Vulnerable Software and Affected Versions: Core affected versions not specified Description: The issue is related to memory corruption in Core due to secure memory access by a user while loading a modem image. Recommendations: At the moment, there is no information about a newer versi...
SUSE CVE-2017-9526
In Libgcrypt before 1.7.7, an attacker who learns the EdDSA session key from side-channel observation during the signing process can easily recover the long-term secret key. 1.7.7 makes a cipher/ecc-eddsa.c change to store this session key in secure memory, to ensure that constant-time point...
CVE-2021-46851
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback...
CVE-2021-46851
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback...
CVE-2021-46851
The CVE-2021-46851 entry concerns a vulnerability in the DRM module of Huawei HarmonyOS where verification of secure memory attributes can fail, potentially leading to abnormal video playback. Public sources consistently describe the DRM module as affected and the impact as a video playback anoma...
PT-2022-12943 · Unknown · Drm Module
Name of the Vulnerable Software and Affected Versions: DRM module affected versions not specified Description: The issue is related to a problem in the DRM module's verification of secure memory attributes. This could potentially lead to abnormal video playback if exploited. Recommendations: At t...
CVE-2021-46851
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback...
CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...
CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...
CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...
Input validation
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1 version, which stems from improper protection in the IOMMU...
CVE-2022-39854
CVE-2022-39854 pertains to Samsung devices with the IOMMU in the SMR Oct-2022 Release 1, where improper protection in the IOMMU could allow unauthorized access to secure memory. The root cause is described as insufficient protection in IOMMU prior to the SMR Oct-2022 Release 1. Affected remediati...
CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...