Lucene search
+L

187 matches found

Prion
Prion
added 2021/12/07 9:15 p.m.16 views

Design/Logic Flaw

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

3.6CVSS7AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2021/12/07 9:15 p.m.5 views

UBUNTU-CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS5.9AI score0.0026EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2021/12/07 8:42 p.m.48 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS7AI score0.0026EPSS
Exploits0
Cvelist
Cvelist
added 2021/12/07 8:42 p.m.24 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.2AI score0.0026EPSS
Exploits0References1
CVE
CVE
added 2021/12/07 8:42 p.m.52 views

CVE-2021-36133

The CVE-2021-36133 entry concerns the OPTEE-OS CSU driver for NXP i.MX SoC devices. The root issue is a lack of proper security access configuration for several models, enabling a TrustZone bypass where the NonSecure World can perform arbitrary reads/writes of Secure World memory via a DMA-capabl...

7.1CVSS7AI score0.0026EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.5 views

NXP i.MX SoC安全漏洞

NXP i.MX SoC is nxp's multi-core solution for multimedia and display applications with scalable, secure and reliable high-performance and low-power features. nXP i.MX SoC devices have a security vulnerability that stems from the OPTEE-OS CSU driver for NXP i.MX SoC devices lacking secure access...

7.1CVSS5.7AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2021/08/11 3:15 p.m.3 views

CVE-2019-25052

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information...

9.1CVSS5.5AI score0.00868EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/11 12:0 a.m.4 views

Linaro OP-TEE 加密问题漏洞

Linaro OP-TEE is an open source trusted execution environment from Linaro UK. A security vulnerability exists in Linaro OP-TEE, which originated in Linaro OP-TEE prior to 3.7.0, where it is possible to cause a crash by directly calling the update and final cryptographic functions through the use ...

9.1CVSS8.4AI score0.00868EPSS
Exploits0References2
CNVD
CNVD
added 2019/07/18 12:0 a.m.4 views

Linaro OP-TEE Memory Corruption Vulnerability

Linaro OP-TEE is an open source trusted execution environment from Linaro UK. A security vulnerability exists in opteeos in Linaro OP-TEE versions prior to 3.4.0. An attacker could exploit this vulnerability to corrupt memory...

9.8CVSS6.9AI score0.0154EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/17 12:0 a.m.3 views

Linaro OP-TEE Input Validation Error Vulnerability

Linaro OP-TEE is an open source trusted execution environment from Linaro UK. A security vulnerability exists in opteeos in Linaro OP-TEE 3.3.0 and earlier versions. An attacker could exploit this vulnerability to cause TEE memory corruption...

9.8CVSS6.9AI score0.0154EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/17 12:0 a.m.6 views

Linaro OP-TEE Buffer Overflow Vulnerability (CNVD-2019-23142)

Linaro OP-TEE is an open source trusted execution environment from Linaro UK. A buffer overflow vulnerability exists in opteeos in Linaro OP-TEE 3.3.0 and earlier versions. The vulnerability stems from a networked system or product performing operations on memory without properly validating data...

10CVSS7.4AI score0.02777EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/17 12:0 a.m.4 views

Linaro OP-TEE Buffer Overflow Vulnerability (CNVD-2019-23064)

Linaro OP-TEE is an open source trusted execution environment from Linaro UK. A buffer overflow vulnerability exists in opteeos in Linaro OP-TEE 3.3.0 and earlier versions. The vulnerability stems from a networked system or product performing operations on memory without properly validating data...

9.8CVSS7.4AI score0.01616EPSS
Exploits0References1
OSV
OSV
added 2019/07/16 2:15 p.m.5 views

CVE-2019-1010292

Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can access. The component is: opteeos. The fixed version is: v3.4.0...

9.8CVSS5.5AI score0.0154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/07/16 12:0 a.m.10 views

PT-2019-11544

Name of the Vulnerable Software and Affected Versions: Linaro/OP-TEE OP-TEE versions prior to v3.4.0 Description: The issue is related to boundary checks in the optee os component. This could lead to corruption of any memory that the TA can access. Recommendations: For versions prior to v3.4.0,...

9.8CVSS7.8AI score0.0154EPSS
Exploits0References4
OSV
OSV
added 2019/07/15 6:15 p.m.5 views

CVE-2019-1010297

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core kernel context. The component is: opteeos. The fixed version is: 3.4.0 and later...

9.8CVSS5.5AI score0.02723EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 6:15 p.m.5 views

CVE-2019-1010298

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core kernel. The component is: opteeos. The fixed version is: 3.4.0 and later...

9.8CVSS5.7AI score0.03848EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 6:15 p.m.5 views

CVE-2019-1010293

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: opteeos. The fixed version is: 3.4.0 and later...

9.8CVSS5.5AI score0.0154EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 6:15 p.m.5 views

CVE-2019-1010296

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core kernel. The component is: opteeos. The fixed version is: 3.4.0 and later...

9.8CVSS5.7AI score0.02777EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 6:15 p.m.7 views

CVE-2019-1010295

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: opteeos. The fixed version is: 3.4.0 and later...

9.8CVSS5.5AI score0.01616EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 6:15 p.m.5 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: opteeos. The fixed version is: 3.4.0 and later...

7.5CVSS5.5AI score0.01408EPSS
Exploits0References1
Rows per page
Query Builder