Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On Xilinx Zynq-7000 SoC devices, physical modification of an SD boot image allows for a buffer overflow attack in the ROM. Because the Zynq-7000's boot image header is unencrypted and unauthenticated before use, an attacker can modify the boot header stored on an SD card so that a secure image appears to be unencrypted, and they will be able to modify the full range of register initialization values. Normally, these registers will be restricted when booting securely. Of importance to this attack are two registers that control the SD card's transfer type and transfer size. These registers could be modified a way that causes a buffer overflow in the ROM.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xilinx Zynq-7000 数据伪造问题漏洞
Vulnerability Description
Xilinx Zynq-7000是美国 (Xilinx)公司的一个芯片。提供整合ARM®架构处理器的软体可编程能力,搭载FPGA的硬体可编程性,能达到关键分析与硬体加速,同时整合CPU、DSP 、ASSP,以及在单一元件上的混合式讯号功能。 Xilinx zynq-7000 SoC 存在安全漏洞,该漏洞源于SD引导映像允许缓冲区溢出攻击的ROM,引导映像头未加密。未经身份验证的攻击者可利用该漏洞可以修改引导头并存储在SD卡,一个安全的映像似乎是未加密的,但它们将能够任意修改寄存器初始值。
CVSS Information
N/A
Vulnerability Type
N/A