Skip to main content

Arm Trusted Firmware CVE-2024-1633

LOW
Integer Overflow or Wraparound (CWE-190)
2024-02-19 cve@asrg.io
2.0
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
2.0 LOW
AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Physical
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Feb 19, 2024 - 17:15 nvd
LOW 2.0

DescriptionNVD

During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integer value, it can result to an integer overflow. An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot.

Affected git version from c2f286820471ed276c57e603762bd831873e5a17 until (not

AnalysisAI

During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integer value, it can result to an integer overflow. An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot. Affected git version from c2f286820471ed276c57e603762bd831873e5a17 until (not Affected products include: Renesas Arm-Trusted-Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

Share

CVE-2024-1633 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy