CVE-2023-31339
EUVD-2023-3565013.08.2024, 17:15
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| amd | trusted_firmware-a | 𝑥 < 2023.2 |
| arm | trusted_firmware-a | 𝑥 < 2.10.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-125 - Out-of-bounds ReadThe software reads data past the end, or before the beginning, of the intended buffer.