CVE-2024-7883 – CMSE secure state may leak from stack to floating-point registers
https://notcve.org/view.php?id=CVE-2024-7883
When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns a floating-point value and when this is the first use of floating-point since entering Secure state. This allows an attacker to read a limited quantity of Secure stack contents with an impact on confidentiality. This issue is specific to code generated using LLVM-based compilers. • https://developer.arm.com/Arm%20Security%20Center/Cortex-M%20Security%20Extensions%20Vulnerability • CWE-226: Sensitive Information in Resource Not Removed Before Reuse •
CVE-2024-0151
https://notcve.org/view.php?id=CVE-2024-0151
Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4, allows an attacker to pass values to Secure state that are out of range for types smaller than 32-bits. Out of range values might lead to incorrect operations in secure state. La comprobación insuficiente de argumentos en las funciones de entrada de estado seguro en el software que utiliza Extensiones de seguridad Cortex-M (CMSE), que se ha compilado utilizando cadenas de herramientas que implementan los 'Requisitos de extensiones de seguridad Arm v8-M en herramientas de desarrollo' anteriores a la versión 1.4, permite que un atacante pase valores al estado Seguro que están fuera del rango para tipos menores de 32 bits. Los valores fuera de rango pueden provocar operaciones incorrectas en estado seguro debido. • https://developer.arm.com/Arm%20Security%20Center/Cortex-M%20Security%20Extensions • CWE-241: Improper Handling of Unexpected Data Type •
CVE-2022-43703 – Incomplete verification of installation file signature
https://notcve.org/view.php?id=CVE-2022-43703
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-427: Uncontrolled Search Path Element •
CVE-2022-43702 – Incomplete verification of installation file signature
https://notcve.org/view.php?id=CVE-2022-43702
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVE-2022-43701 – Insecure directory permissions on installer files
https://notcve.org/view.php?id=CVE-2022-43701
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-276: Incorrect Default Permissions •