Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:arm:arm-trusted-firmware:1.1:rc3:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-15031 |
In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information. Published: December 18, 2018; 11:29:00 AM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-9607 |
The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow. Published: September 20, 2017; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 5.1 MEDIUM |