26 matches found
EUVD-2017-16903
Malware in sbrugna...
EUVD-2017-16907
Malware in sbrugna...
EUVD-2021-22765
Malware in sbrugna...
EUVD-2023-43602
Malicious code in bioql PyPI...
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
CVE-2023-39902
A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...
Format string
A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...
CVE-2023-39902
A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...
CVE-2023-39902
CVE-2023-39902 – Normal mode : The issue affects U-Boot Secondary Program Loader (SPL) on select NXP i.MX 8M family processors, prior to version 2023.07. A crafted Flattened Image Tree (FIT) structure can overwrite SPL memory, enabling unauthenticated software to execute on the target and causing...
CVE-2023-39902
A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...
NXP i.MX SoC has unspecified vulnerabilities
NXP i.MX SoC is nxp's multi-core solution for multimedia and display applications with scalable, secure and reliable high-performance and low-power features. nXP i.MX SoC devices have a security vulnerability that stems from the OPTEE-OS CSU driver for NXP i.MX SoC devices lacking secure access...
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
Design/Logic Flaw
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
CVE-2021-36133
The CVE-2021-36133 entry concerns the OPTEE-OS CSU driver for NXP i.MX SoC devices. The root issue is a lack of proper security access configuration for several models, enabling a TrustZone bypass where the NonSecure World can perform arbitrary reads/writes of Secure World memory via a DMA-capabl...
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...
NXP Semiconductors MQX RTOS (Update A)
CVSS v3 8.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: NXP Semiconductors Equipment: MQX RTOS Vulnerabilities: Classic Buffer Overflow, Out-of-Bounds Read UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-285-04 NXP...
Stack overflow
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in...
Input validation
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus...