CVE-2023-40271

HIGH

Trusted Firmware-M < TF-Mv1.8.0 - Buffer Overflow

Title source: llm

Description

In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8.

References (2)

[Exploit, Mitigation, Technical Description, Vendor Advisory] https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/security/security_advisories/cc3xx_partial_tag_compare_on_chacha20_poly1305.rst

[Release Notes] https://tf-m-user-guide.trustedfirmware.org/releases/index.html

Scores

CVSS v3 7.5

EPSS 0.0015

EPSS Percentile 35.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-697

Status published

Products (4)

arm/trusted_firmware-m 1.6.0

arm/trusted_firmware-m 1.6.1

arm/trusted_firmware-m 1.7.0

arm/trusted_firmware-m 1.8.0

Published Sep 08, 2023

Tracked Since Feb 18, 2026