Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Buffer Overflow Arbitrary Write
Vulnerability Description
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
任意地址可写任意内容条件
Vulnerability Title
Trusted Firmware 安全漏洞
Vulnerability Description
Trusted Firmware是ARM的为 Armv8-A、Armv9-A 和 Armv8-M 提供安全软件的参考实现。 它为 SoC 开发人员和 OEM 提供了符合相关 Arm 规范的参考可信代码库。 Trusted Firmware存在安全漏洞,该漏洞源于存在经典缓冲区溢出漏洞,允许本地执行代码。
CVSS Information
N/A
Vulnerability Type
N/A