Introduction

The following advisories cover security issues discovered, or contributed, by the team at F-Secure Hardware Security Team, previously known as Inverse Path.

CVEs	Description	Advisory
CVE-2021-44149	OP-TEE TrustZone bypass at wakeup on NXP i.MX6UL	Security_Advisory-Ref_FSC-HWSEC-VR2021-0002-OP-TEE_TrustZone_bypass_at_wakeup.txt
CVE-2021-36133	OP-TEE TrustZone bypass on multiple NXP i.MX models	Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txt
CVE-2020-12789	ATSAMA5 hardcoded keys are used for protecting applets	Security_Advisory-Ref_FSC-HWSEC-VR2020-0003-ATSAMA5_code_authentication_issues.txt
CVE-2020-12788	ATSAMA5 CMAC verification susceptible to side channel attacks	Security_Advisory-Ref_FSC-HWSEC-VR2020-0003-ATSAMA5_code_authentication_issues.txt
CVE-2020-12787	ATSAMA5 improper applet verification	Security_Advisory-Ref_FSC-HWSEC-VR2020-0003-ATSAMA5_code_authentication_issues.txt
CVE-2020-11684	AT91bootstrap code authentication bypass via key leak	Security_Advisory-Ref_FSC-HWSEC-VR2020-0002-AT91Bootstrap_code_authentication_issues.txt
CVE-2020-11683	AT91bootstrap timing side channel in CMAC verification	Security_Advisory-Ref_FSC-HWSEC-VR2020-0002-AT91Bootstrap_code_authentication_issues.txt
CVE-2020-10648	U-Boot verified boot bypass via improper signature verification	Security_Advisory-Ref_FSC-HWSEC-VR2020-0001-U-Boot_verified_boot_bypass.txt
CVE-2019-5478	Xilinx ZU+ Encrypt Only Secure boot bypass via partition header	Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
CVE-2019-5478	Xilinx ZU+ Encrypt Only Secure boot bypass via boot header	Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
CVE-2018-18440	U-Boot verified boot bypass via network load	Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt
CVE-2018-18439	U-Boot verified boot bypass via filesystem load	Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt
CVE-2017-7936	NXP High Assurance Boot SDP protection bypass	Security_Advisory-Ref_QBVR2017-0001-NXP_HAB_bypass.txt
CVE-2017-7932	NXP High Assurance Boot X.509 parsing error	Security_Advisory-Ref_QBVR2017-0001-NXP_HAB_bypass.txt
CVE-2016-8672	Siemens SIMATIC missing cookie protection	SSA-603476
CVE-2016-8673	Siemens SIMATIC cross-site request forgery	SSA-603476
CVE-2016-1734	AppleUSBNetworking memory corruption	Security_Advisory-Ref_IPVR2016-0001_AppleUSBNetworking_memory_corruption.txt
CVE-2008-3908	WordNet stack and heap overflows	Security_Advisory-Ref_oCERT-2008-014-WordNet_stack_overflows.txt
CVE-2008-1530	GnuPG memory corruption	Security_Advisory-Ref_oCERT-2008-001-GnuPG_memory_corruption.txt
CVE-2006-1060	zgv/xzgv heap overflow	Security_Advisory-Ref_GLSA200604-10-zgv_heap_overflow.txt
CVE-2003-0962	rsync heap-based buffer overflow	Security_Advisory-Ref_GLSA200312-03-rsync_heap_overflow.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Introduction

About

Releases

Packages

Name		Name	Last commit message	Last commit date
Latest commit History 23 Commits
CVE-2003-0962		CVE-2003-0962
CVE-2006-1060		CVE-2006-1060
CVE-2008-1530		CVE-2008-1530
CVE-2008-3908		CVE-2008-3908
CVE-2016-1734		CVE-2016-1734
CVE-2016-8672		CVE-2016-8672
CVE-2016-8673		CVE-2016-8673
CVE-2017-7932		CVE-2017-7932
CVE-2017-7936		CVE-2017-7936
CVE-2018-18439		CVE-2018-18439
CVE-2018-18440		CVE-2018-18440
CVE-2019-5478		CVE-2019-5478
CVE-2020-10648		CVE-2020-10648
CVE-2020-11683		CVE-2020-11683
CVE-2020-11684		CVE-2020-11684
CVE-2020-12787		CVE-2020-12787
CVE-2020-12788		CVE-2020-12788
CVE-2020-12789		CVE-2020-12789
CVE-2021-36133		CVE-2021-36133
CVE-2021-44149		CVE-2021-44149
README.md		README.md
Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt		Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
Security_Advisory-Ref_FSC-HWSEC-VR2020-0001-U-Boot_verified_boot_bypass.txt		Security_Advisory-Ref_FSC-HWSEC-VR2020-0001-U-Boot_verified_boot_bypass.txt
Security_Advisory-Ref_FSC-HWSEC-VR2020-0002-AT91Bootstrap_code_authentication_issues.txt		Security_Advisory-Ref_FSC-HWSEC-VR2020-0002-AT91Bootstrap_code_authentication_issues.txt
Security_Advisory-Ref_FSC-HWSEC-VR2020-0003-ATSAMA5_code_authentication_issues.txt		Security_Advisory-Ref_FSC-HWSEC-VR2020-0003-ATSAMA5_code_authentication_issues.txt
Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txt		Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txt
Security_Advisory-Ref_FSC-HWSEC-VR2021-0002-OP-TEE_TrustZone_bypass_at_wakeup.txt		Security_Advisory-Ref_FSC-HWSEC-VR2021-0002-OP-TEE_TrustZone_bypass_at_wakeup.txt
Security_Advisory-Ref_GLSA200312-03-rsync_heap_overflow.txt		Security_Advisory-Ref_GLSA200312-03-rsync_heap_overflow.txt
Security_Advisory-Ref_GLSA200604-10-zgv_heap_overflow.txt		Security_Advisory-Ref_GLSA200604-10-zgv_heap_overflow.txt
Security_Advisory-Ref_IPVR2016-0001_AppleUSBNetworking_memory_corruption.txt		Security_Advisory-Ref_IPVR2016-0001_AppleUSBNetworking_memory_corruption.txt
Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt		Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt
Security_Advisory-Ref_QBVR2017-0001-NXP_HAB_bypass.txt		Security_Advisory-Ref_QBVR2017-0001-NXP_HAB_bypass.txt
Security_Advisory-Ref_oCERT-2008-001-GnuPG_memory_corruption.txt		Security_Advisory-Ref_oCERT-2008-001-GnuPG_memory_corruption.txt
Security_Advisory-Ref_oCERT-2008-014-WordNet_stack_overflows.txt		Security_Advisory-Ref_oCERT-2008-014-WordNet_stack_overflows.txt
ssa-603476.pdf		ssa-603476.pdf

f-secure-foundry/advisories

Folders and files

Latest commit

History

Repository files navigation

Introduction

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages