Assigner: | ASRG |
Reserved: | 2024-06-24 |
Published: | 2024-06-24 |
Updated: | 2024-06-24 |
Description
Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Problem types
CWE-191 Integer Underflow (Wrap or Wraparound)
Product status
c2f286820471ed276c57e603762bd831873e5a17 before b596f580637bae919b0ac3a5471422a1f756db3b
Credits
Tomer Fichman
References
https://github.com/renesas-rcar/arm-trusted-firmware/commit/b596f580637bae919b0ac3a5471422a1f756db3b
https://asrg.io/security-advisories/cve-2024-6285/