AT91bootstrap prior to 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the bootloader).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux4sam at91bootstrap |