CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2019-1010298
https://notcve.org/view.php?id=CVE-2019-1010298
Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. OP-TEE versión 3.3.0 y anteriores de Linaro/OP-TEE, está afectado por: Desbordamiento de búfer. • https://github.com/RKX1209/CVE-2019-1010298 https://github.com/OP-TEE/optee_os/commit/70697bf3c5dc3d201341b01a1a8e5bc6d2fb48f8 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2018-12437
https://notcve.org/view.php?id=CVE-2018-12437
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. LibTomCrypt hasta la versión 1.18.1 permite un ataque de canal lateral por caché de memoria en las firmas DSA y ECDSA. Esto también se conoce como Return Of the Hidden Number Problem (ROHNP). Para descubrir una clave ECDSA, el atacante necesita acceso a la máquina local o a una máquina virtual diferente en el mismo host físico. • https://security.gentoo.org/glsa/202007-53 https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000413
https://notcve.org/view.php?id=CVE-2017-1000413
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA key. La solución TEE de código libre de Linaro llamada OP-TEE, en su versión 2.4.0 y anteriores, es vulnerable a un ataque de sincronización en las partes Montgomery de libMPA en OP-TEE. Esto resulta en el compromiso de la clave RSA privada. • https://github.com/OP-TEE/optee_os/blob/2.5.0/CHANGELOG.md https://github.com/OP-TEE/optee_os/pull/1610 https://www.op-tee.org/security-advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000412
https://notcve.org/view.php?id=CVE-2017-1000412
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key. La solución TEE de código libre de Linaro llamada OP-TEE, en su versión 2.4.0 y anteriores, es vulnerable al ataque bellcore en el código LibTomCrypt. Esto resulta en el compromiso de la clave RSA privada. • https://github.com/OP-TEE/optee_os/blob/2.5.0/CHANGELOG.md https://github.com/OP-TEE/optee_os/pull/1610 https://www.op-tee.org/security-advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •