CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46891
https://notcve.org/view.php?id=CVE-2022-46891
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0. Se descubrió un problema en el controlador del kernel de GPU Arm Mali. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47630
https://notcve.org/view.php?id=CVE-2022-47630
Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state. Trusted Firmware-A hasta su versión 2.8 tiene una lectura fuera de los límites en el analizador X.509 para analizar los certificados de arranque. Esto afecta el uso posterior de get_ext y auth_nvctr. • http://www.openwall.com/lists/oss-security/2023/01/16/8 https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html https://www.trustedfirmware.org/news • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 1CVE-2022-48251
https://notcve.org/view.php?id=CVE-2022-48251
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture." • https://eprint.iacr.org/2022/230 https://eshard.com/posts/sca-attacks-on-armv8 • CWE-203: Observable Discrepancy •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-46392
https://notcve.org/view.php?id=CVE-2022-46392
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller. Se descubrió un problema en Mbed TLS anterior a 2.28.2 y 3.x anterior a 3.3.0. Un adversario con acceso a información suficientemente precisa sobre los accesos a la memoria (normalmente, un sistema operativo no confiable que ataca un enclave seguro) puede recuperar una clave privada RSA después de observar a la víctima realizando una única operación con clave privada, si el tamaño de la ventana (MBEDTLS_MPI_WINDOW_SIZE) utilizada para la exponenciación es 3 o menor. • https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.3.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BR7ZCVKLPGCOEEALUHZMFHXQHR6S4QL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XMKJ5IMJEPXYAHHU56Z4P2FSYIEAESB • CWE-203: Observable Discrepancy •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-46393
https://notcve.org/view.php?id=CVE-2022-46393
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. Se descubrió un problema en Mbed TLS anterior a 2.28.2 y 3.x anterior a 3.3.0. Existe un posible desbordamiento de búfer de almacenamiento dinámico y una sobrelectura de búfer de almacenamiento dinámico en DTLS si MBEDTLS_SSL_DTLS_CONNECTION_ID está habilitado y MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. • https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.3.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BR7ZCVKLPGCOEEALUHZMFHXQHR6S4QL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XMKJ5IMJEPXYAHHU56Z4P2FSYIEAESB https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •