Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:o:arm:trusted_firmware-a:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-01-16T00:00:00
Updated: 2024-08-03T15:02:36.318Z
Reserved: 2022-12-20T00:00:00
Link: CVE-2022-47630
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-16T16:15:10.940
Modified: 2024-11-27T20:03:20.203
Link: CVE-2022-47630
Redhat
No data.