In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.
References
Link | Resource |
---|---|
https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-2 | Patch Vendor Advisory |
https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-2 | Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 03:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-2 - Patch, Vendor Advisory |
Information
Published : 2017-06-07 15:29
Updated : 2024-11-21 03:32
NVD link : CVE-2017-7564
Mitre link : CVE-2017-7564
CVE.ORG link : CVE-2017-7564
JSON object : View
Products Affected
arm
- arm_trusted_firmware
CWE
CWE-20
Improper Input Validation