263 matches found
CVE-2023-38022
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser...
Null pointer dereference
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser...
CVE-2023-38022
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser...
SCONE Confidential Computing Platform Security Vulnerability
SCONE Confidential Computing Platform is an open source platform for implementing confidential computing from SCONE, Germany. A security vulnerability exists in SCONE Confidential Computing Platform versions prior to v5.8.0, which stems from a lack of pointer validation logic in the sconedispatch...
CVE-2022-46486
SCONE CVE-2022-46486 affects the Confidential Computing Platform where the __scone_dispatch component in Intel SGX-enabled deployments lacks pointer-validation logic in versions before 5.8.0. This flaw can allow an attacker to access sensitive information. Affected software: SCONE prior to 5.8.0 ...
CVE-2023-38022
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser...
CVE-2022-46486
A lack of pointer-validation logic in the sconedispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information...
Fortanix EnclaveOS Confidential Computing Manager Platform Security Vulnerability
Fortanix EnclaveOS Confidential Computing Manager Platform is a cloud-native service from Fortanix, Inc. that provides a complete solution for confidential computing in the cloud and in local workloads. A security vulnerability exists in Fortanix EnclaveOS Confidential Computing Manager Platform...
PT-2023-14943 · Intel · Scone
Name of the Vulnerable Software and Affected Versions: SCONE versions prior to 5.8.0 Description: A lack of pointer-validation logic in the scone dispatch component of SCONE for Intel SGX allows attackers to access sensitive information. Recommendations: For versions prior to 5.8.0, update to...
PT-2023-26249 · Fortanix · Fortanix Enclaveos Confidential Computing Manager (Ccm) Platform
Name of the Vulnerable Software and Affected Versions: Fortanix EnclaveOS Confidential Computing Manager CCM Platform versions prior to 3.29 Description: An issue was discovered in the Fortanix EnclaveOS Confidential Computing Manager CCM Platform, allowing a local attacker to access unauthorized...
CVE-2022-26942
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment TEE modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure superviso...
Design/Logic Flaw
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment TEE modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure superviso...
CVE-2022-26942 Multiple missing pointer validation checks in trusted execution module in Motorola MTM5000
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment TEE modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure superviso...
CVE-2022-26942 Multiple missing pointer validation checks in trusted execution module in Motorola MTM5000
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment TEE modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure superviso...
CVE-2022-26942
The CVE-2022-26942 entry concerns Motorola MTM5000 series firmware with missing pointer validation in two Trusted Execution Environment TEEs (KVL key management module and TETRA cryptographic module). The issue enables a non-secure supervisor level attacker to achieve secure supervisor code execu...
CVE-2023-37368
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exyno...
PT-2023-25936 · Samsung · Exynos Auto T5123 +15
Name of the Vulnerable Software and Affected Versions: Samsung Exynos Mobile Processor, Automotive Processor, and Modem versions Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920,...
SAMSUNG Exynos Code Issue Vulnerability
SAMSUNG Exynos is a SoC, Arm architecture-based processor developed and manufactured by Samsung Mobile, a South Korean company. A security vulnerability exists in the Samsung Exynos Mobile Processor, Automotive Processor, and Modem, which stems from a lack of NULL pointer validation and could lea...
DEBIAN-CVE-2023-32252
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...
AZL-27757 CVE-2023-32252 affecting package kernel for versions less than 5.15.135.1-2
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...