Cryptographic issue while copying data to a destination buffer without validating its size.
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
Cryptographic issue may occur while encrypting license data.
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
Memory corruption while transmitting packet mapping information with invalid header payload size.
Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.
Cryptographic issue while parsing RSA keys in COBR format.
An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.
Cryptographic issue while performing RSA PKCS padding decoding.
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
Information disclosure while processing message from client with invalid payload.
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
Memory corruption while performing private key encryption in trusted application.
There is a potential OOB Write vulnerability in the gen_prov_start function in pb_adv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on t
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.
Transient DOS when processing a received frame with an excessively large authentication information element.
Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or inte
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled) mailbox messages contain a pointer to a list of input arguments (in_vec) and output arguments (out_vec). The
Page 1+ Next →