Arm-trusted-firmware Security Vulnerabilities and Issues — Arm-trusted-firmware CVE List

Lucene search

RenesasArm-trusted-firmware

3 matches found

CVE•added 2024/07/08 4:15 p.m.•48 views

CVE-2024-6564

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

6.7CVSS6.6AI score0.00045EPSS

CVE•added 2024/07/08 4:15 p.m.•43 views

CVE-2024-6563

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io...

7.5CVSS7.2AI score0.00043EPSS

CVE•added 2024/02/19 5:15 p.m.•38 views

CVE-2024-1633

During the secure boot, bl2 (the second stage ofthe bootloader) loops over images defined in the table “bl2_mem_params_descs”.For each image, the bl2 reads the image length and destination from the image’scertificate. Because of the way of reading from the image, which base on 32-bit unsigned integ...

2CVSS4AI score0.00008EPSS