6 matches found
EUVD-2016-0836
Malware in sbrugna...
A vulnerability in the TZ Secure OS firmware on Qualcomm chips allows an attacker to execute arbitrary code.
The vulnerability in the TZ Secure OS firmware on Qualcomm chips stems from deficient access-control mechanisms. Exploiting it could allow an attacker to execute arbitrary code...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated (USA). A security vulnerability in these chipsets stems from an operation that is not properly restricted to the bounds of a memory buffer in TZ Secure OS...
Mbed TLS -- Cache attack against RSA key import in SGX
Janos Follath reports: If Mbed TLS is running in an SGX enclave and the adversary has control of the main operating system, they can launch a side-channel attack to recover the RSA private key when it is being imported. The attack only requires access to fine-grained measurements of cache usage...
CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...
UBUNTU-CVE-2016-0825
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...