In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-08-11T14:59:12

Updated: 2024-08-05T03:00:18.982Z

Reserved: 2021-08-11T00:00:00

Link: CVE-2019-25052

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-11T15:15:07.187

Modified: 2024-11-21T04:39:50.280

Link: CVE-2019-25052

cve-icon Redhat

No data.