36 matches found
CVE-2024-53161 EDAC/bluefield: Fix potential integer overflow
In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of memctrlidx left-shifted 16 bits and OR-ed with DIMM index. With memctrlidx defined as 32-bits wide the left-shift...
UBUNTU-CVE-2023-52684
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed...
DEBIAN-CVE-2024-26893
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in SMC transport cleanup path When the generic SCMI code tears down a channel, it calls the chanfree callback function, defined by each transport. Since multiple protocols might share the same...
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS Security Vulnerability
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS are both products of Dell, Inc.Dell PowerEdge Server BIOS is a system update driver from Dell.Dell Precision Rack BIOS is a Dell Precision Rack BIOS is a BIOS utility for high-performance workstation products. A security vulnerability exists...
DEBIAN-CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
UBUNTU-CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-5370
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0...
PT-2023-32073 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises when the check for the SMCCC workaround is called before SMCCC support has been initialized on CPU 0. This results in no speculative...
CVE-2022-42269
NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise integrity. The scope of the impact can extend to other components...
NVIDIA Jetson 输入验证错误漏洞
NVIDIA Jetson is an embedded system development module from NVIDIA Corporation. A security vulnerability exists in NVIDIA Jetson that stems from an inability to validate untrusted input in the SMC call handler could allow a highly privileged local attacker to cause an information disclosure and...
CVE-2020-12789
The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...
CVE-2020-12789
The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets...
CVE-2020-12789
The CVE-2020-12789 entry concerns the Secure Monitor in Microchip Atmel ATSAMA5 devices, where a hardcoded key is used to encrypt and authenticate secure applets. Connected sources confirm the vulnerable component (Secure Monitor) and the root cause (hardcoded key), with CVSS v3.1 base score 7.5 ...
The vulnerability of the SMC-processor GLOBAL_CMD_ID_NEED_LOAD_APP in the TEE OS Trusted Core of the Huawei Mate 9 Pro mobile phone operating system allows a perpetrator to trigger a service failure, modify program algorithms (by changing the flags from TRUE/FALSE), or compromise critical data stored in physical memory.
The vulnerability of the SMC-processor GLOBALCMDIDNEEDLOADAPP in the TEE OS Trusted Core of the Huawei Mate 9 Pro mobile phone operating system is related to the lack of validation for input data. Exploiting this vulnerability can allow an attacker to cause service failures, modify program...
The vulnerability of the getLoginInformation function at address 0x175798 in the SMC handler for the GLOBAL_CMD_ID_OPEN_SESSION function of the TEE OS in the Huawei Mate 9 Pro mobile phone’s microprogramming system. This vulnerability allows an attacker to cause a service failure or to read the virtual memory of the TEE OS at arbitrary addresses.
The vulnerability of the getLoginInformation function at address 0x175798 in the SMC handler for the GLOBALCMDIDOPENSESSION function in the TEE OS Trusted Core of the Huawei Mate 9 Pro mobile phone’s microprogramming system is related to the lack of validation for the incoming physical address...
CVE-2017-18141
When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206,...