Vendor CVEs
Arm
All CVEs
182 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-44331 | 0.00 | — | 0.01 | Feb 28, 2022 | ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise(). | |||
| CVE-2021-43086 | 0.00 | — | 0.01 | Feb 28, 2022 | ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in… | |||
| CVE-2021-44828 | 0.00 | — | 0.00 | Jan 14, 2022 | Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other… | |||
| CVE-2021-35465 | 0.00 | — | 0.00 | Aug 23, 2021 | Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p0… | |||
| CVE-2020-36477 | 0.00 | — | 0.01 | Aug 23, 2021 | An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected… | |||
| CVE-2020-36476 | 0.00 | — | 0.02 | Aug 23, 2021 | An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory. | |||
| CVE-2020-36475 | 0.00 | — | 0.02 | Aug 23, 2021 | An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs. | |||
| CVE-2020-36478 | 0.00 | — | 0.01 | Aug 23, 2021 | An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way,… | |||
| CVE-2020-36423 | 0.00 | — | 0.01 | Jul 19, 2021 | An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator. | |||
| CVE-2020-36425 | 0.00 | — | 0.01 | Jul 19, 2021 | An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock. | |||
| CVE-2020-36421 | 0.00 | — | 0.02 | Jul 19, 2021 | An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed. | |||
| CVE-2020-36424 | 0.00 | — | 0.00 | Jul 19, 2021 | An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values. | |||
| CVE-2020-36426 | 0.00 | — | 0.02 | Jul 19, 2021 | An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). | |||
| CVE-2020-36422 | 0.00 | — | 0.01 | Jul 19, 2021 | An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable. | |||
| CVE-2021-24119 | 0.00 | — | 0.01 | Jul 14, 2021 | In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments… | |||
| CVE-2020-24658 | 0.00 | — | 0.00 | Dec 24, 2020 | Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in the stack.… | |||
| CVE-2020-16273 | 0.00 | — | 0.00 | Nov 12, 2020 | In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure… | |||
| CVE-2020-16150 | 0.00 | — | 0.00 | Sep 2, 2020 | A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length. | |||
| CVE-2020-12883 | 0.00 | — | 0.02 | Jun 18, 2020 | Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the… | |||
| CVE-2020-12884 | 0.00 | — | 0.01 | Jun 18, 2020 | A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options that may occur multiple consecutive times in a single… | |||
| CVE-2020-12885 | 0.00 | — | 0.01 | Jun 18, 2020 | An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options in a while loop. This loop's exit condition is computed… | |||
| CVE-2020-12886 | 0.00 | — | 0.01 | Jun 18, 2020 | A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP packet header starting from the message token. The length of the token in… | |||
| CVE-2020-12887 | 0.00 | — | 0.02 | Jun 18, 2020 | Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP option number field of all options… | |||
| CVE-2020-13844 | 0.00 | — | 0.01 | Jun 8, 2020 | Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." | |||
| CVE-2020-10941 | 0.00 | — | 0.02 | Mar 24, 2020 | Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. | |||
| CVE-2019-18222 | 0.00 | — | 0.00 | Jan 23, 2020 | The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. | |||
| CVE-2019-17211 | 0.00 | — | 0.03 | Nov 5, 2019 | An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP message from the sn_coap_hdr_s data structure. Both returned_byte_count and… | |||
| CVE-2019-17212 | 0.00 | — | 0.03 | Nov 5, 2019 | Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the… | |||
| CVE-2019-17210 | 0.00 | — | 0.01 | Nov 4, 2019 | A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(),… | |||
| CVE-2017-18187 | Cri | 0.00 | 9.8 | 0.03 | Feb 14, 2018 | In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. | ||
| CVE-2015-8036 | 0.00 | — | 0.03 | Nov 2, 2015 | Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which… | |||
| CVE-2015-5291 | 0.00 | — | 0.04 | Nov 2, 2015 | Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name… |
- CVE-2021-44331Feb 28, 2022risk 0.00cvss —epss 0.01
ARM astcenc 3.2.0 is vulnerable to Buffer Overflow in function encode_ise().
- CVE-2021-43086Feb 28, 2022risk 0.00cvss —epss 0.01
ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in…
- CVE-2021-44828Jan 14, 2022risk 0.00cvss —epss 0.00
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other…
- CVE-2021-35465Aug 23, 2021risk 0.00cvss —epss 0.00
Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p0…
- CVE-2020-36477Aug 23, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected…
- CVE-2020-36476Aug 23, 2021risk 0.00cvss —epss 0.02
An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.
- CVE-2020-36475Aug 23, 2021risk 0.00cvss —epss 0.02
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.
- CVE-2020-36478Aug 23, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way,…
- CVE-2020-36423Jul 19, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator.
- CVE-2020-36425Jul 19, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.
- CVE-2020-36421Jul 19, 2021risk 0.00cvss —epss 0.02
An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.
- CVE-2020-36424Jul 19, 2021risk 0.00cvss —epss 0.00
An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.
- CVE-2020-36426Jul 19, 2021risk 0.00cvss —epss 0.02
An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).
- CVE-2020-36422Jul 19, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.
- CVE-2021-24119Jul 14, 2021risk 0.00cvss —epss 0.01
In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments…
- CVE-2020-24658Dec 24, 2020risk 0.00cvss —epss 0.00
Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in the stack.…
- CVE-2020-16273Nov 12, 2020risk 0.00cvss —epss 0.00
In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure…
- CVE-2020-16150Sep 2, 2020risk 0.00cvss —epss 0.00
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.
- CVE-2020-12883Jun 18, 2020risk 0.00cvss —epss 0.02
Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the…
- CVE-2020-12884Jun 18, 2020risk 0.00cvss —epss 0.01
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options that may occur multiple consecutive times in a single…
- CVE-2020-12885Jun 18, 2020risk 0.00cvss —epss 0.01
An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options() parses CoAP options in a while loop. This loop's exit condition is computed…
- CVE-2020-12886Jun 18, 2020risk 0.00cvss —epss 0.01
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP packet header starting from the message token. The length of the token in…
- CVE-2020-12887Jun 18, 2020risk 0.00cvss —epss 0.02
Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP option number field of all options…
- CVE-2020-13844Jun 8, 2020risk 0.00cvss —epss 0.01
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
- CVE-2020-10941Mar 24, 2020risk 0.00cvss —epss 0.02
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
- CVE-2019-18222Jan 23, 2020risk 0.00cvss —epss 0.00
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.
- CVE-2019-17211Nov 5, 2019risk 0.00cvss —epss 0.03
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP message from the sn_coap_hdr_s data structure. Both returned_byte_count and…
- CVE-2019-17212Nov 5, 2019risk 0.00cvss —epss 0.03
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the…
- CVE-2019-17210Nov 4, 2019risk 0.00cvss —epss 0.01
A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(),…
- risk 0.00cvss 9.8epss 0.03
In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.
- CVE-2015-8036Nov 2, 2015risk 0.00cvss —epss 0.03
Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which…
- CVE-2015-5291Nov 2, 2015risk 0.00cvss —epss 0.04
Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name…
Page 4 of 4