In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-11T14:59:12
Updated: 2024-08-05T03:00:18.982Z
Reserved: 2021-08-11T00:00:00
Link: CVE-2019-25052
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-08-11T15:15:07.187
Modified: 2024-11-21T04:39:50.280
Link: CVE-2019-25052
Redhat
No data.