Renesas

Arm-trusted-firmware

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2024-6563

  • EPSS 0.09%
  • Veröffentlicht 08.07.2024 16:15:09
  • Zuletzt bearbeitet 21.11.2024 09:49:53

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firm...

6.7

CVE-2024-6564

  • EPSS 0.02%
  • Veröffentlicht 08.07.2024 16:15:09
  • Zuletzt bearbeitet 21.11.2024 09:49:53

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

2

CVE-2024-1633

  • EPSS 0.01%
  • Veröffentlicht 19.02.2024 17:15:08
  • Zuletzt bearbeitet 24.01.2025 15:21:06

During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading...