Product:

Arm\-Trusted\-Firmware

(Renesas)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 2
Date Id Summary Products Score Patch Annotated
2024-07-08 CVE-2024-6563 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT"... Arm\-Trusted\-Firmware 6.7
2024-07-08 CVE-2024-6564 Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot. Arm\-Trusted\-Firmware 6.7