Skip to content

Commit

Permalink
assign CVE number
Browse files Browse the repository at this point in the history
  • Loading branch information
@abarisani
abarisani committed Sep 4, 2019
1 parent 5c2cbb3 commit a9308af
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
4 changes: 2 additions & 2 deletions README.md
View file
Expand Up @@ -7,8 +7,8 @@ the team at [Inverse Path](https://inversepath.com) /

| CVEs | Description | Advisory
|---------------------------------------------------------------------------------|-----------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| TBA | Xilinx ZU+ Encrypt Only Secure boot bypass via partition header | [Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt) |
| TBA | Xilinx ZU+ Encrypt Only Secure boot bypass via boot header | [Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt) |
| [CVE-2019-5478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5478) | Xilinx ZU+ Encrypt Only Secure boot bypass via partition header | [Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt) |
| [CVE-2019-5478](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5478) | Xilinx ZU+ Encrypt Only Secure boot bypass via boot header | [Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt) |
| [CVE-2018-18440](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18440) | U-Boot verified boot bypass via network load | [Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt) |
| [CVE-2018-18439](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18439) | U-Boot verified boot bypass via filesystem load | [Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_IPVR2018-0001-U-Boot_verified_boot_bypass.txt) |
| [CVE-2017-7936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7936) | NXP High Assurance Boot SDP protection bypass | [Security_Advisory-Ref_QBVR2017-0001-NXP_HAB_bypass.txt](https://github.com/inversepath/advisories/blob/master/Security_Advisory-Ref_QBVR2017-0001-NXP_HAB_bypass.txt) |
Expand Down
6 changes: 4 additions & 2 deletions Security_Advisory-Ref_FSC-HWSEC-VR2019-0001-Xilinx_ZU+-Encrypt_Only_Secure_Boot_bypass.txt
View file
Expand Up @@ -105,8 +105,8 @@ in collaboration with Robert Bosch GmbH.
CVE
---

TBA: Xilinx ZU+ lack of authentication for boot header in encrypt only secure boot
TBA: Xilinx ZU+ lack of authentication for partition headers in encrypt only secure boot
CVE-2019-5478: Xilinx ZU+ lack of authentication for boot header in encrypt only secure boot
CVE-2019-5478: Xilinx ZU+ lack of authentication for partition headers in encrypt only secure boot

Timeline
--------
Expand All @@ -125,6 +125,8 @@ Timeline

2019-08-12: Xilinx Design Advisory [2] and F-Secure advisory [3] release.

2019-09-03: Xilinx communicates assigned CVE.

References
----------

Expand Down

0 comments on commit a9308af

Please sign in to comment.