42 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016502 advisory. Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2025-48507
The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...
EUVD-2018-11131
Malware in sbrugna...
EUVD-2022-50390
Malicious code in bioql PyPI...
CVE-2022-47630
Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of getext and authnvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state...
Malicious code in trusted-firmware-a (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a6dc31ad91aec1f31822d8aced35d9645371c5e0194f3a4b7627a6753955769 The OpenSSF Package Analysis project identified 'trusted-firmware-a' @ 100.11.1337 npm as malicious. It is considered malicious because: - The...
OESA-2025-1344 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...
OESA-2025-1343 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...
OESA-2025-1342 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a...
Linux Distros Unpatched Vulnerability : CVE-2023-49100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enou...
UBUNTU-CVE-2021-47229
In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not yet completed which is indicated by value 1 in PIOSTART causes an...
OESA-2024-1264 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
Out-of-bounds
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
UBUNTU-CVE-2023-49100
Trusted Firmware-A TF-A before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdeiinterruptbind. The parameter is passed to a call to platicgetinterrupttype. It can be any arbitrary value passing...
CVE-2023-49100
TF-A before 2.10 has CVE-2023-49100: a read-out-of-bounds in the SDEI service due to insufficient validation of the x1 parameter in sdei_interrupt_bind, passing to plat_ic_get_interrupt_type and bypassing plat_ic_is_sgi checks. A compromised Normal World (Linux) can issue arbitrary SMC calls, con...
PT-2024-13674 · Unknown +1 · Arm Trusted Firmware +1
Name of the Vulnerable Software and Affected Versions: Trusted Firmware-A TF-A versions prior to 2.10 Description: The issue is related to a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei interrupt bind...