Arm: >> Trusted Firmware-A >> 1.6 Security Vulnerabilities
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
CVSS Score
4.8
EPSS Score
0.0
Published
2024-08-13
Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.
CVSS Score
7.4
EPSS Score
0.004
Published
2023-01-16
ARM Trusted Firmware-A allows information disclosure.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-01-30