CVE-2023-31339
13.08.2024, 17:15
Improper input validation in ARM Trusted Firmware used in AMDs Zynq UltraScale+) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.Enginsight
| Vendor | Product | Version |
|---|---|---|
| amd | trusted_firmware-a | 𝑥 < 2023.2 |
| arm | trusted_firmware-a | 𝑥 < 2.10.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-125 - Out-of-bounds ReadThe software reads data past the end, or before the beginning, of the intended buffer.