CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

CVE-2025-62863

CVE-2025-62863 concerns AmpereOne processors (AC03 before 3.5.9.3, AC04 before 4.4.5.2, M before 5.4.5.1). The issue arises from an incorrectly formed System Management Call (SMC) to the UEFI-MM PCIe driver, which could enable an out-of-bounds write in the PCIe driver’s S-EL0 address space. Repor...

CVE-2024-46692

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...

CVE-2024-46692 firmware: qcom: scm: Mark get_wq_ctx() as atomic call

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...

CVE-2024-46692 firmware: qcom: scm: Mark get_wq_ctx() as atomic call

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...

Out-of-bounds

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

Input validation

An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE...

CVE-2021-25470

CVE-2021-25470 affects TEEGRIS Secure OS prior to SMR Oct‑2021 Release 1. The issue is an improper caller check logic in the SMC call that can be used to compromise the Trusted Execution Environment (TEE). Impact is described as TEE compromise; no exploit details provided in the documents. Mitiga...

CVE-2021-25470

An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE...

CVE-2021-34390

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service...

CVE-2021-34390

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service...

CVE-2021-34391

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service...

CVE-2021-34390

CVE-2021-34390 concerns Trusty TLK (NVIDIA TLK kernel) where a lack of checks enables an integer overflow via a user-triggered SMC call, potentially causing denial of service. The connected NVIDIA bulletin (Security Updates) confirms affected Jetson products and recommends updating to newer Debia...

CVE-2021-34390

Trusty contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow through a specific SMC call that is triggered by the user, which may lead to denial of service...