Filtered by vendor Arm
Subscribe
Total
112 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-9988 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input. | |||||
CVE-2018-9056 | 2 Arm, Intel | 209 Cortex-a, Atom C, Atom E and 206 more | 2024-02-04 | 4.7 MEDIUM | 5.6 MEDIUM |
Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. | |||||
CVE-2017-7563 | 1 Arm | 1 Arm Trusted Firmware | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits). | |||||
CVE-2017-5753 | 13 Arm, Canonical, Debian and 10 more | 387 Cortex-a12, Cortex-a12 Firmware, Cortex-a15 and 384 more | 2024-02-04 | 4.7 MEDIUM | 5.6 MEDIUM |
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |||||
CVE-2017-5754 | 2 Arm, Intel | 209 Cortex-a, Atom C, Atom E and 206 more | 2024-02-04 | 4.7 MEDIUM | 5.6 MEDIUM |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. | |||||
CVE-2017-5715 | 7 Arm, Canonical, Debian and 4 more | 221 Cortex-a, Ubuntu Linux, Debian Linux and 218 more | 2024-02-04 | 1.9 LOW | 5.6 MEDIUM |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |||||
CVE-2017-14032 | 1 Arm | 1 Mbed Tls | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. | |||||
CVE-2017-7564 | 1 Arm | 1 Arm Trusted Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers. | |||||
CVE-2017-9607 | 1 Arm | 1 Arm-trusted-firmware | 2024-02-04 | 5.1 MEDIUM | 7.0 HIGH |
The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow. | |||||
CVE-2017-2784 | 1 Arm | 1 Mbed Tls | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vulnerable applications. | |||||
CVE-2015-5291 | 5 Arm, Debian, Fedoraproject and 2 more | 6 Mbed Tls, Debian Linux, Fedora and 3 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0. | |||||
CVE-2015-8036 | 5 Arm, Debian, Fedoraproject and 2 more | 5 Mbed Tls, Debian Linux, Fedora and 2 more | 2024-02-04 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handled when creating a ClientHello message to resume a session. NOTE: this identifier was SPLIT from CVE-2015-5291 per ADT3 due to different affected version ranges. |