Known Vulnerabilities for products from Linaro
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Linaro".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36133 | The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZo... | 7.1 - HIGH | 2021-12-07 | 2021-12-09 |
| CVE-2021-32032 | In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event ... | 7.5 - HIGH | 2021-05-21 | 2021-05-27 |
| CVE-2020-13799 | Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in ... | 6.8 - MEDIUM | 2020-11-18 | 2021-06-29 |
| CVE-2019-1010298 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE c... | 9.8 - CRITICAL | 2019-07-15 | 2021-07-21 |
| CVE-2019-1010297 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel)... | 9.8 - CRITICAL | 2019-07-15 | 2021-07-21 |
| CVE-2019-1010296 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core ... | 9.8 - CRITICAL | 2019-07-15 | 2021-07-21 |
| CVE-2019-1010295 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of me... | 9.8 - CRITICAL | 2019-07-15 | 2021-07-21 |
| CVE-2019-1010294 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data fr... | 7.5 - HIGH | 2019-07-15 | 2019-07-16 |
| CVE-2019-1010293 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself.... | 9.8 - CRITICAL | 2019-07-15 | 2020-08-24 |
| CVE-2019-1010292 | Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of... | 9.8 - CRITICAL | 2019-07-16 | 2021-07-21 |
| CVE-2019-25052 | In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic... | 9.1 - CRITICAL | 2021-08-11 | 2021-08-19 |
| CVE-2018-12565 | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when pa... | 8.8 - HIGH | 2018-06-19 | 2019-09-18 |
| CVE-2018-12564 | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge ... | 6.5 - MEDIUM | 2018-06-19 | 2018-08-10 |
| CVE-2018-12563 | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-g... | 6.5 - MEDIUM | 2018-06-19 | 2018-08-10 |
| CVE-2018-12437 | LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number... | 4.9 - MEDIUM | 2018-06-15 | 2021-06-29 |
| CVE-2017-1000413 | Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery pa... | 5.9 - MEDIUM | 2018-01-02 | 2018-01-17 |
| CVE-2017-1000412 | Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTom... | 7.5 - HIGH | 2018-01-02 | 2018-01-17 |