Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linaro vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-41325
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, `shdr_verify_signature` can make a double free. `shdr_verify_signa...
Linaro Op-tee
Linaro Op-tee 3.22.0
9.8
CVSSv3
CVE-2022-45132
In Linaro Automated Validation Architecture (LAVA) prior to 2022.11.1, remote code execution can be achieved through user-submitted Jinja2 template. The REST API endpoint for validating device configuration files in lava-server loads input as a Jinja2 template in a way that can b...
Linaro Lava
6.5
CVSSv3
CVE-2018-12563
An issue exists in Linaro LAVA prior to 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml.
Linaro Lava
7.1
CVSSv3
CVE-2021-36133
The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral.
Linaro Op-tee -
9.8
CVSSv3
CVE-2019-1010295
Linaro/OP-TEE OP-TEE 3.3.0 and previous versions is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later.
Linaro Op-tee
9.8
CVSSv3
CVE-2019-1010296
Linaro/OP-TEE OP-TEE 3.3.0 and previous versions is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.
Linaro Op-tee
9.8
CVSSv3
CVE-2019-1010297
Linaro/OP-TEE OP-TEE 3.3.0 and previous versions is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later.
Linaro Op-tee
9.8
CVSSv3
CVE-2019-1010292
Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can access. The component is: optee_os. The fixed version is: v3.4.0.
Linaro Op-tee
9.8
CVSSv3
CVE-2019-1010293
Linaro/OP-TEE OP-TEE 3.3.0 and previous versions is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The fixed version is: 3.4.0 and later.
Linaro Op-tee
7.5
CVSSv3
CVE-2019-1010294
Linaro/OP-TEE OP-TEE 3.3.0 and previous versions is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later.
Linaro Op-tee
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »