Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016502 advisory. Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References4
CVE
CVE
added 2024/09/13 5:29 a.m.124 views

CVE-2024-46692

CVE-2024-46692 affects the Linux kernel firmware: qcom scm path. The root cause is that get_wq_ctx() was configured as a standard SMC call; when two SMCs sleep and one wakes, an interrupted get_wq_ctx() could sleep again while another SMC awaits a waitq context, creating a deadlock. The documente...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/09/13 5:29 a.m.20 views

CVE-2024-46692 firmware: qcom: scm: Mark get_wq_ctx() as atomic call

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...

0.0017EPSS
Exploits0References3
NVD
NVD
added 2024/02/21 4:15 p.m.20 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS6.4AI score0.00224EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/21 4:15 p.m.10 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.5 views

PT-2024-13674 · Unknown +1 · Arm Trusted Firmware +1

Name of the Vulnerable Software and Affected Versions: Trusted Firmware-A TF-A versions prior to 2.10 Description: The issue is related to a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei interrupt bind...

4.4CVSS4.9AI score0.00224EPSS
Exploits0References16
CVE
CVE
added 2024/02/21 12:0 a.m.6092 views

CVE-2023-49100

TF-A before 2.10 has CVE-2023-49100: a read-out-of-bounds in the SDEI service due to insufficient validation of the x1 parameter in sdei_interrupt_bind, passing to plat_ic_get_interrupt_type and bypassing plat_ic_is_sgi checks. A compromised Normal World (Linux) can issue arbitrary SMC calls, con...

4.4CVSS6.5AI score0.00224EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/21 12:0 a.m.13 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

7AI score0.00224EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2024/02/21 12:0 a.m.4 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS6.8AI score0.00224EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/02/21 12:0 a.m.13 views

CVE-2023-49100

Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...

4.4CVSS5.2AI score0.00224EPSS
Exploits0
myhack58
myhack58
added 2016/05/11 12:0 a.m.58 views

From 0 to TrustZone in the second article: the QSEE mention the right vulnerability and the use of CVE-2 0 1 5-6 6 3 9-a vulnerability warning-the black bar safety net

! In this article, we discuss how to find and exploit a vulnerability, access to Qualcomm secure execution environmentQSEEof the code execute permissions. Related reading From 0 to TrustZone first article: explore the high-pass SEE safe executable environment QSEE attack surface In a previous...

0.3AI score
Exploits0
Rows per page
Query Builder