Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2024-6564

Medium priority
Needs evaluation

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-6563

Medium priority
Needs evaluation

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program...

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-6287

Medium priority
Needs evaluation

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that...

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Not affected Not affected Not affected
Show less packages

CVE-2023-49100

Medium priority
Vulnerable

Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a...

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Not affected Vulnerable Vulnerable Not in release Not in release
Show less packages

CVE-2022-47630

Medium priority
Vulnerable

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or...

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Vulnerable Vulnerable Vulnerable Not in release Ignored
Show less packages

CVE-2021-40327

High priority
Needs evaluation

Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization...

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Needs evaluation Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2018-19440

Medium priority
Vulnerable

ARM Trusted Firmware-A allows information disclosure.

1 affected packages

arm-trusted-firmware

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-trusted-firmware Vulnerable Vulnerable Vulnerable Not in release Not in release
Show less packages