Zurück zur CVE-Übersicht
CVE-2017-9607
HIGH(7.0)CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Risk Signal Score18/100 — NIEDRIG
- CVSS 7 — Hoch
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7
Technische Schwere
Beschreibung
The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.
Referenzen
- https://github.com/ARM-software/arm-trusted-firmware/blob/v1.4/docs/change-log.r...
- https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-S...
- https://github.com/ARM-software/arm-trusted-firmware/blob/v1.4/docs/change-log.r...
- https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-S...