CVE-2023-40271
Summary
| CVE | CVE-2023-40271 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-09-08 02:15:08 UTC |
| Updated | 2026-06-05 20:07:06 UTC |
| Description | In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8. |
Risk And Classification
Primary CVSS: v3.1 7.5 HIGH from [email protected]
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 0.001900000 probability, percentile 0.407510000 (date 2026-06-11)
Problem Types: CWE-697 | n/a
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
HighAvailability
NoneCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Trustedfirmware | Trusted Firmware-m | 1.6.0 | All | All | All |
| Operating System | Trustedfirmware | Trusted Firmware-m | 1.6.1 | All | All | All |
| Operating System | Trustedfirmware | Trusted Firmware-m | 1.7.0 | All | All | All |
| Operating System | Trustedfirmware | Trusted Firmware-m | 1.8.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Releases — Trusted Firmware-M v1.6.1 documentation | af854a3a-2127-422b-91ae-364da2661108 | tf-m-user-guide.trustedfirmware.org | Release Notes |
| cc3xx_partial_tag_compare_on_chacha20_poly1305.rst « security_advisories « security « docs - trusted-firmware-m.git - Trusted Firmware for M profile Arm CPUs | af854a3a-2127-422b-91ae-364da2661108 | git.trustedfirmware.org | Exploit, Mitigation, Technical Description, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.