115 matches found
CVE-2018-1000205
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...
CVE-2018-1000205
CVE-2018-1000205 concerns the U-Boot bootloader, where CWE-20 Improper Input Validation exists in the Verified boot signature validation, allowing bypass of verified boot. The issue is exploitable via a specially crafted FIT image and device memory functionality. Affected details in connected doc...
CVE-2018-1000205
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...
Samsung, Huawei and other phone Bootloader was traced to the presence of many high-risk bug-vulnerability warning-the black bar safety net
California University research team to create the main stream mobile platform in the bootloader exists in the code test and the DOS of the security gap. Workshop staff with a BootStomp to create 6 new found cracks, 5 of which division is the manufacturer to confirm. There is also a su XI reported...
Multiple Vulnerabilities Found in NVIDIA, Qualcomm and Huawei's Bootloaders
Six exploitable flaws in chipsets used by Huawei, Qualcomm, MediaTek and NVIDIA were found in popular Android handsets, according to a report by University of California at Santa Barbara computer scientists. Each of the flaws exist in phones sold by Huawei, Sony and Google, and are tied to each o...
Mobile Bootloaders From Top Manufacturers Found Vulnerable to Persistent Threats
Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California...
Buffer overflow
In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image buffer, a buffer overflow can occur...
Lifting the (Hyper) Visor: Bypassing Samsung’s Real-Time Kernel Protection
Posted by Gal Beniamini, Project Zero Traditionally, the operating system’s kernel is the last security boundary standing between an attacker and full control over a target system. As such, additional care must be taken in order to ensure the integrity of the kernel. First, when a system boots, t...
CVE-2016-5454
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...
CVE-2016-5454
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...
CVE-2016-5452
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...
CVE-2016-5452
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...
Design/Logic Flaw
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...
Design/Logic Flaw
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...
CVE-2016-5454
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...
CVE-2016-5454
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot...
CVE-2016-5452
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...
CVE-2016-5452
CVE-2016-5452 affects Oracle Solaris 11.3 Verified Boot subcomponent. A local attacker could affect confidentiality by exploiting Verified Boot vulnerabilities; CVSS 3.0 indicates LOCAL, LOW complexity, LOW privileges required, with HIGH confidentiality impact. Connected sources confirm the issue...
CVE-2016-5452
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot...
Oracle Sun Solaris Verified Boot Subcomponent Has Unspecified Vulnerability
Oracle Sun Solaris is a set of Unix-like operating systems from Oracle. A security vulnerability exists in the Verified Boot subcomponent of Oracle Sun Solaris version 11.3. A local attacker could exploit the vulnerability to read data and compromise the confidentiality of the data...