4 matches found
CVE-2024-25076
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value Length of Flash Config Section to control a read from the QSPI device into a fixed siz...
CVE-2024-25076
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value Length of Flash Config Section to control a read from the QSPI device into a fixed siz...
CVE-2024-25076
CVE-2024-25076 affects Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom validates the Flash Product Header by reading from a user-controlled size (Length of Flash Config Section) into a fixed-size buffer, enabling a buffer overflow and execution of arbitrary code. Pub...
CVE-2024-25076
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value Length of Flash Config Section to control a read from the QSPI device into a fixed siz...