Today > 1 Critical | 5 High | 4 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-0151

April 24, 2024, 7:58 p.m.

Tags

Product(s) Impacted

UNKNOWN

Arm Cortex-M Security Extensions (CMSE) software

  • < 1.4

Description

Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4, allows an attacker to pass values to Secure state that are out of range for types smaller than 32-bits. Out of range values might lead to incorrect operations in secure state due.

Weaknesses

Date

Published: April 24, 2024, 6:15 p.m.

Last Modified: April 24, 2024, 7:58 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

arm-security@arm.com

References

https://developer.arm.com/ arm-security@arm.com