Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Op\-Tee
(Linaro)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 16 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-11-18 | CVE-2020-13799 | Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards bodies and is implemented by storage devices from multiple vendors to assist host systems in securing trusted firmware. Several scenarios have been identified in which the RPMB state may be affected by an attacker without... | Op\-Tee, Inand_cl_em132_firmware, Inand_ix_em132_firmware, Inand_ix_em132_xi_firmware | 6.8 | ||
2018-06-15 | CVE-2018-12437 | LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | Libtomcrypt, Op\-Tee | 4.9 | ||
2019-07-15 | CVE-2019-1010294 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later. | Op\-Tee | 7.5 | ||
2019-07-15 | CVE-2019-1010293 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The fixed version is: 3.4.0 and later. | Op\-Tee | 9.8 | ||
2018-01-02 | CVE-2017-1000413 | Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA key. | Op\-Tee | 5.9 | ||
2018-01-02 | CVE-2017-1000412 | Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key. | Op\-Tee | 7.5 |