Joakim Bech - Security Researcher - Exploit Intelligence Platform

CVE-2019-1010294 WRITEUP HIGH WRITEUP

Linaro/OP-TEE OP-TEE <3.4.0 - Info Disclosure

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later.

CVSS 7.5

View Code

CVE-2019-1010296 WRITEUP CRITICAL WRITEUP

Linaro/OP-TEE OP-TEE <3.4.0 - Buffer Overflow

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.

CVSS 9.8

View Code

CVE-2019-1010297 WRITEUP CRITICAL WRITEUP

Linaro/OP-TEE OP-TEE <3.4.0 - Buffer Overflow

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later.

CVSS 9.8

View Code

CVE-2019-25052 WRITEUP CRITICAL WRITEUP

Linaro OP-TEE <3.7.0 - Info Disclosure

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.

CVSS 9.1

View Code