Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree (FIT) format structure can be used to overwrite SPL memory, allowing unauthenticated software to execute on the target, leading to privilege escalation. This affects i.MX 8M, i.MX 8M Mini, i.MX 8M Nano, and i.MX 8M Plus.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
NXP Semiconductors i.MX 8M 安全漏洞
Vulnerability Description
NXP Semiconductors i.MX 8M是荷兰恩智浦半导体(NXP Semiconductors)公司的一个模块系统。 NXP Semiconductors i.MX 8M U-Boot Secondary Program Loader (SPL) 2023.07之前版本存在安全漏洞。攻击者利用该漏洞可以升级权限。
CVSS Information
N/A
Vulnerability Type
N/A