The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Arm
Arm scp-firmware |
|
CPEs | cpe:2.3:o:arm:scp-firmware:*:*:*:*:*:*:*:* | |
Vendors & Products |
Arm
Arm scp-firmware |
|
Metrics |
cvssV3_1
|
Wed, 13 Nov 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware. | |
Weaknesses | CWE-755 | |
References |
|
MITRE
Status: PUBLISHED
Assigner: Arm
Published: 2024-11-13T16:09:26.331Z
Updated: 2024-11-27T15:35:14.153Z
Reserved: 2024-10-01T17:18:17.019Z
Link: CVE-2024-9413
Vulnrichment
Updated: 2024-11-27T15:34:07.353Z
NVD
Status : Awaiting Analysis
Published: 2024-11-13T17:15:12.660
Modified: 2024-11-27T16:15:15.180
Link: CVE-2024-9413
Redhat
No data.