11 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016502 advisory. Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in...
CVE-2024-46692
CVE-2024-46692 affects the Linux kernel firmware: qcom scm path. The root cause is that get_wq_ctx() was configured as a standard SMC call; when two SMCs sleep and one wakes, an interrupted get_wq_ctx() could sleep again while another SMC awaits a waitq context, creating a deadlock. The documente...
CVE-2024-46692 firmware: qcom: scm: Mark get_wq_ctx() as atomic call
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
PT-2024-13674 · Unknown +1 · Arm Trusted Firmware +1
Name of the Vulnerable Software and Affected Versions: Trusted Firmware-A TF-A versions prior to 2.10 Description: The issue is related to a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei interrupt bind...
CVE-2023-49100
TF-A before 2.10 has CVE-2023-49100: a read-out-of-bounds in the SDEI service due to insufficient validation of the x1 parameter in sdei_interrupt_bind, passing to plat_ic_get_interrupt_type and bypassing plat_ic_is_sgi checks. A compromised Normal World (Linux) can issue arbitrary SMC calls, con...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
From 0 to TrustZone in the second article: the QSEE mention the right vulnerability and the use of CVE-2 0 1 5-6 6 3 9-a vulnerability warning-the black bar safety net
! In this article, we discuss how to find and exploit a vulnerability, access to Qualcomm secure execution environmentQSEEof the code execute permissions. Related reading From 0 to TrustZone first article: explore the high-pass SEE safe executable environment QSEE attack surface In a previous...