CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-10319

In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other firmware update code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.6%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-1
https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-1

Products affected by CVE-2016-10319

Arm Trusted Firmware Project » Arm Trusted Firmware » Version: 1.2

cpe:2.3:o:arm_trusted_firmware_project:arm_trusted_firmware:1.2
Arm Trusted Firmware Project » Arm Trusted Firmware » Version: 1.3

cpe:2.3:o:arm_trusted_firmware_project:arm_trusted_firmware:1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10319

Products

Pricing

Contact Us