Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Flawed SK_LOAD module authenticity check in Texas Instruments OMAP L138
Vulnerability Description
The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) performs an RSA check implemented in mask ROM when loading a module through the SK_LOAD routine. However, only the module header authenticity is validated. An adversary can re-use any correctly signed header and append a forged payload, to be encrypted using the CEK (obtainable through CVE-2022-25332) in order to obtain arbitrary code execution in secure context. This constitutes a full break of the TEE security architecture.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
Texas Instruments OMAP L138 安全漏洞
Vulnerability Description
Texas Instruments OMAP L138是美国德州仪器(Texas Instruments)公司的一个DSP+ARM工业处理器。 Texas Instruments OMAP L138 (secure variants)存在安全漏洞,该漏洞源于当通过 SK_LOAD 例程加载模块时,可信执行环境 (TEE) 会执行掩码 ROM 中实现的 RSA 检查,但仅验证模块标头的真实性,攻击者利用该漏洞可以重复使用任何正确签名的标头并附加伪造的有效负载,以便在安全上下文中获得任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A