Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Amd |
|
| Arm |
|
Configuration 1 [-]
| AND |
|
No data.
References
History
Wed, 27 Nov 2024 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Amd
Amd trusted Firmware-a Amd zu11eg Amd zu15eg Amd zu17eg Amd zu19eg Amd zu1cg Amd zu1eg Amd zu21dr Amd zu25dr Amd zu27dr Amd zu28dr Amd zu29dr Amd zu2cg Amd zu2eg Amd zu39dr Amd zu3cg Amd zu3eg Amd zu3tcg Amd zu3teg Amd zu42dr Amd zu43dr Amd zu46dr Amd zu47dr Amd zu48dr Amd zu49dr Amd zu4cg Amd zu4eg Amd zu4ev Amd zu5cg Amd zu5eg Amd zu5ev Amd zu63dr Amd zu64dr Amd zu65dr Amd zu67dr Amd zu6cg Amd zu6eg Amd zu7cg Amd zu7eg Amd zu7ev Amd zu9cg Amd zu9eg Arm Arm trusted Firmware-a |
|
| Weaknesses | CWE-125 | |
| CPEs | cpe:2.3:h:amd:zu11eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu15eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu17eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu19eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu1cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu1eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu21dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu25dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu27dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu28dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu29dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu2cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu2eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu39dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu3cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu3eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu3tcg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu3teg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu42dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu43dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu46dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu47dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu48dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu49dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu4cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu4eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu4ev:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu5cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu5eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu5ev:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu63dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu64dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu65dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu67dr:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu6cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu6eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu7cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu7eg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu7ev:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu9cg:-:*:*:*:*:*:*:* cpe:2.3:h:amd:zu9eg:-:*:*:*:*:*:*:* cpe:2.3:o:amd:trusted_firmware-a:*:*:*:*:*:*:*:* cpe:2.3:o:arm:trusted_firmware-a:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Amd
Amd trusted Firmware-a Amd zu11eg Amd zu15eg Amd zu17eg Amd zu19eg Amd zu1cg Amd zu1eg Amd zu21dr Amd zu25dr Amd zu27dr Amd zu28dr Amd zu29dr Amd zu2cg Amd zu2eg Amd zu39dr Amd zu3cg Amd zu3eg Amd zu3tcg Amd zu3teg Amd zu42dr Amd zu43dr Amd zu46dr Amd zu47dr Amd zu48dr Amd zu49dr Amd zu4cg Amd zu4eg Amd zu4ev Amd zu5cg Amd zu5eg Amd zu5ev Amd zu63dr Amd zu64dr Amd zu65dr Amd zu67dr Amd zu6cg Amd zu6eg Amd zu7cg Amd zu7eg Amd zu7ev Amd zu9cg Amd zu9eg Arm Arm trusted Firmware-a |
Thu, 15 Aug 2024 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 13 Aug 2024 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service. | |
| Weaknesses | CWE-20 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: AMD
Published:
Updated: 2024-08-15T15:18:21.699Z
Reserved: 2023-04-27T15:25:41.425Z
Link: CVE-2023-31339
Vulnrichment
Updated: 2024-08-15T15:18:09.148Z
NVD
Status : Analyzed
Published: 2024-08-13T17:15:20.870
Modified: 2024-11-27T15:55:02.843
Link: CVE-2023-31339
Redhat
No data.