54 matches found
PT-2025-24687 · Asp · Asp
Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: The issue is related to improper register access control in ASP, which may allow a privileged attacker to perform unauthorized access to ASP's Crypto Co-Processor CCP registers from x86. This...
Unauthorized Access to AMD Secure Processor’s Crypto-Co-Processor
CVE Details Refer to Glossary for explanation of terms CVE| CVSS Score| CVE Description ---|---|--- CVE-2023-20599| 7.9 High CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N| Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto...
CVE-2024-38532
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
CVE-2024-38532
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
CVE-2024-38532 TEST_KEY used in example dcp_tool reference implementation
The NXP Data Co-Processor DCP is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcptool reference implementation included in the repository selected the test key, regardless of its -t argument. This...
PT-2024-28058 · Nxp · Nxp Data Co-Processor
Name of the Vulnerable Software and Affected Versions: NXP Data Co-Processor DCP affected versions not specified Description: The issue concerns the NXP Data Co-Processor DCP, a built-in hardware module for specific NXP SoCs that implements a dedicated AES cryptographic engine for...
NXP Data Co-Processor Security Vulnerability
The NXP Data Co-Processor NXP DCP is a built-in hardware module for a SoC from NXP. A dedicated AES encryption engine used to implement encryption/decryption operations. A security vulnerability exists in NXP Data Co-Processor that originates from the selection of a test key by the dcptool...
CVE-2024-3017
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...
CVE-2024-3017
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...
CVE-2021-26382
An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...
Denial of service
An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...
CVE-2021-26382
An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor ACP, irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service...
kernel: DoS in ccp_run_aes_gcm_cmd() function
A memory leak flaw was found in the Linux kernel's ccprunaesgcmcmd function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability...
Medium: kernel
Issue Overview: A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. CVE-2019-18808 A flaw was found in the Lin...
kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...
kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...
kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...
kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...