CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44149
https://notcve.org/view.php?id=CVE-2021-44149
An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a v cycle. Se ha detectado un problema en Trusted Firmware OP-TEE Trusted OS versiones hasta 3.15.0. El controlador CSU de OPTEE-OS para los dispositivos SoC NXP i.MX6UL carece de la configuración de acceso de seguridad para los registros relacionados con el wakeup, resultando en una omisión de TrustZone porque el Mundo no Seguro puede llevar a cabo operaciones de lectura/escritura de memoria arbitrarias en la memoria del Mundo Seguro. • https://github.com/OP-TEE/optee_os/tags https://github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0002-OP-TEE_TrustZone_bypass_at_wakeup.txt •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2021-36133
https://notcve.org/view.php?id=CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral. El controlador CSU de OPTEE-OS para los dispositivos NXP i.MX SoC carece de configuración de acceso de seguridad para varios modelos, resultando en una omisión de TrustZone porque el Mundo no Seguro puede llevar a cabo operaciones arbitrarias de lectura/escritura de memoria en la memoria del Mundo Seguro. Esto implica un periférico con capacidad DMA • https://github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txt • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44479
https://notcve.org/view.php?id=CVE-2021-44479
NXP Kinetis K82 devices have a buffer over-read via a crafted wlength value in a GET Status-Other request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory. Los dispositivos NXP Kinetis K82 presentan una lectura excesiva del búfer por medio de un valor wlength diseñado en una petición GET Status-Other durante el uso del modo USB In-System Programming (ISP). Esto revela la memoria flash protegida • https://github.com/Xen1thLabs-AE/CVE-2021-40154 https://www.darkmatter.ae/xen1thlabs/published-advisories • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1CVE-2021-40154
https://notcve.org/view.php?id=CVE-2021-40154
NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory. Los dispositivos NXP LPC55S69 versiones anteriores a A3, presentan una lectura excesiva del búfer por medio de un valor wlength diseñado en una petición GET Descriptor Configuration durante el uso del modo USB In-System Programming (ISP). Esto revela la memoria flash protegida • https://github.com/Jeromeyoung/CVE-2021-40154 https://github.com/Xen1thLabs-AE/CVE-2021-40154 https://www.darkmatter.ae/xen1thlabs/published-advisories • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-38260
https://notcve.org/view.php?id=CVE-2021-38260
NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor(). Se ha detectado que NXP MCUXpresso SDK versión v2.7.0, contiene un desbordamiento de búfer en la función USB_HostParseDeviceConfigurationDescriptor() • https://mcusec.github.io/vulnerabilities_details#nxp_usb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •