514 matches found
CVE-2023-34195
An issue was discovered in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The implementation of the GetImage method retrieves the value of a runtime variable named GetImageProgress, and later uses this value as a function pointer. This variable is wiped out by...
OP-TEE Trusted OS Resource Management Error Vulnerability
OP-TEE Trusted OS is an open source Trusted Execution Environment (TEE) that implements Arm TrustZone technology. A resource management error vulnerability exists in OP-TEE Trusted OS. No information about this vulnerability is available at this time; please stay tuned to CNNVD or the vendor...
Cisco IOS XR Data Forgery Issue Vulnerability
Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which originates from a security hole in the iPXE boot feature that can be exploited by an authenticated attacker to install an unauthenticated software image on an...
CVE-2023-21627
Memory corruption in Trusted Execution Environment while calling service API with invalid address...
Memory corruption
Memory corruption in Trusted Execution Environment while calling service API with invalid address...
CVE-2023-21627 Incorrect Type Conversion or Cast in Trusted Execution Environment
Memory corruption in Trusted Execution Environment while calling service API with invalid address...
CVE-2023-21627
CVE-2023-21627 is a memory corruption issue in the Trusted Execution Environment when a service API is called with an invalid address. The vulnerability affects Qualcomm components (TEE) and is documented in multiple feeds, with the NVD/NIST entry noting memory corruption and a base CVSS v3.1 sco...
Qualcomm Chip Code Issue Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way to miniaturize circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm chip that stems from an...
Qualcomm Chipsets Code Issue Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated (USA). A security vulnerability exists in the Qualcomm Chipsets that originates from a memory corruption in the Trusted Execution Environment when a service API is called with an invalid address...
PT-2023-18290 · Unknown · Trusted Execution Environment
Name of the Vulnerable Software and Affected Versions: Trusted Execution Environment (affected versions not specified). Description: The issue involves memory corruption in the Trusted Execution Environment when the service API is called with an invalid address. Recommendations: At the moment, there...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of chips from the Chinese company MediaTek. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking in the OPTEE module, which may result in out-of-bounds writes...
CVE-2021-46759
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a potential...
UNISOC Chipsets Buffer Error Vulnerability
UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in the UNISOC Chipsets TEE service module, which stems from a lack of boundary checking, resulting in out-of-bounds writes...
Client Vulnerabilities – May 2023
Bulletin ID: AMD-SB-4001. Potential Impact: Varies by CVE, see descriptions below. Severity: Varies by CVE, see descriptions below. Summary: Potential vulnerabilities in AMD Secure Processor (ASP), AMD System Management Unit (SMU), and other platform components were discovered, and mitigations are being...
CVE-2022-33273
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation...
Information disclosure
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation...
CVE-2022-33273
CVE-2022-33273: Information disclosure due to a buffer over-read in the Trusted Execution Environment during QRKS report generation. Affected component: Qualcomm Trusted Execution Environment; root cause: buffer over-read in the QRKS report path. Impact: confidentiality leakage (high); attack v...
CVE-2022-33273 Buffer over-read in Trusted Execution Environment
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation...
PT-2023-13279 · Unknown · Trusted Execution Environment
Name of the Vulnerable Software and Affected Versions: Trusted Execution Environment (affected versions not specified). Description: The issue is related to information disclosure due to a buffer over-read in the Trusted Execution Environment, specifically during QRKS report generation...