Lucene search
K

54 matches found

Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.7 views

PT-2025-24687 · Asp · Asp

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: The issue is related to improper register access control in ASP, which may allow a privileged attacker to perform unauthorized access to ASP's Crypto Co-Processor CCP registers from x86. This...

7.9CVSS6AI score0.00157EPSS
Exploits0References4
Amd
Amd
added 2025/06/10 12:0 a.m.9 views

Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor

CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2023-20599| 7.9 High CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto...

7.9CVSS7.1AI score0.00157EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 9:0 a.m.4 views

CVE-2024-38532

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

7.1CVSS6.9AI score0.00191EPSS
Exploits0
NVD
NVD
added 2024/06/28 10:15 p.m.47 views

CVE-2024-38532

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

7.1CVSS0.00191EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/28 9:25 p.m.14 views

CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

7.1CVSS6.9AI score0.00191EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/28 9:25 p.m.28 views

CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

7.1CVSS0.00191EPSS
Exploits0References2
OSV
OSV
added 2024/06/28 9:25 p.m.14 views

CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation

The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...

7.1CVSS6.9AI score0.00191EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/06/28 12:0 a.m.10 views

PT-2024-28058 · Nxp · Nxp Data Co-Processor

Name of the Vulnerable Software and Affected Versions: NXP Data Co-Processor DCP affected versions not specified Description: The issue concerns the NXP Data Co-Processor DCP, a built-in hardware module for specific NXP SoCs that implements a dedicated AES cryptographic engine for...

7.1CVSS6.6AI score0.00191EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/06/28 12:0 a.m.7 views

NXP Data Co-Processor Security Vulnerability

The NXP Data Co-Processor NXP DCP is a built-in hardware module for a SoC from NXP. A dedicated AES encryption engine used to implement encryption/decryption operations. A security vulnerability exists in NXP Data Co-Processor that originates from the selection of a test key by the dcptool...

7.1CVSS6.7AI score0.00191EPSS
Exploits0References3
OSV
OSV
added 2024/06/27 7:15 p.m.6 views

CVE-2024-3017

In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2
NVD
NVD
added 2024/06/27 7:15 p.m.17 views

CVE-2024-3017

In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...

6.5CVSS0.00272EPSS
Exploits0References2
OSV
OSV
added 2022/07/14 8:15 p.m.3 views

CVE-2021-26382

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...

4.4CVSS5.8AI score0.00181EPSS
Exploits0References1
Prion
Prion
added 2022/07/14 8:15 p.m.20 views

Denial of service

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...

1.4CVSS5.7AI score0.00181EPSS
Exploits0References1Affected Software35
Cvelist
Cvelist
added 2022/07/14 7:28 p.m.30 views

CVE-2021-26382

An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...

5.1AI score0.00181EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.1 views

kernel: DoS in ccp_run_aes_gcm_cmd() function

A memory leak flaw was found in the Linux kernel's ccprunaesgcmcmd function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability...

5.5CVSS6.6AI score0.0026EPSS
Exploits0References5
Amazon
Amazon
added 2022/01/28 12:0 a.m.5 views

Medium: kernel

Issue Overview: A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. CVE-2019-18808 A flaw was found in the Lin...

7.8CVSS6.7AI score0.05228EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/11/04 1:14 a.m.4 views

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

5.5CVSS6.8AI score0.00329EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/04 12:53 a.m.4 views

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

5.5CVSS6.8AI score0.00329EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.2 views

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

5.5CVSS6.8AI score0.00329EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 7:0 p.m.4 views

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

5.5CVSS6.8AI score0.00329EPSS
Exploits0References4
Rows per page
Query Builder