CVE-2021-43619 - OpenCVE

Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Arm	Trusted Firmware-m

Configuration 1 [-]

OR	cpe:2.3:a:arm:trusted_firmware-m:1.4.0:::::::*
	cpe:2.3:a:arm:trusted_firmware-m:1.4.1:::::::*

References

Link	Resource
https://developer.arm.com/support/arm-security-updates	Vendor Advisory
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/	Patch Third Party Advisory
https://tf-m-user-guide.trustedfirmware.org/docs/security/security_advisories/fwu_write_vulnerability.html	Exploit Patch Third Party Advisory
https://www.trustedfirmware.org	Product

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-01T04:31:25

Updated: 2022-03-01T04:31:25

Reserved: 2021-11-15T00:00:00

Link: CVE-2021-43619

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-03-01T05:15:07.803

Modified: 2022-03-09T00:53:24.867

Link: CVE-2021-43619

JSON object: View

Redhat Information

No data.

CWE

CWE-120

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-01T04:31:25", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://developer.arm.com/support/arm-security-updates"}, {"tags": ["x_refsource_MISC"], "url": "https://www.trustedfirmware.org"}, {"tags": ["x_refsource_MISC"], "url": "https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tf-m-user-guide.trustedfirmware.org/docs/security/security_advisories/fwu_write_vulnerability.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-43619", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://developer.arm.com/support/arm-security-updates", "refsource": "MISC", "url": "https://developer.arm.com/support/arm-security-updates"}, {"name": "https://www.trustedfirmware.org", "refsource": "MISC", "url": "https://www.trustedfirmware.org"}, {"name": "https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/", "refsource": "MISC", "url": "https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/"}, {"name": "https://tf-m-user-guide.trustedfirmware.org/docs/security/security_advisories/fwu_write_vulnerability.html", "refsource": "CONFIRM", "url": "https://tf-m-user-guide.trustedfirmware.org/docs/security/security_advisories/fwu_write_vulnerability.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-43619", "datePublished": "2022-03-01T04:31:25", "dateReserved": "2021-11-15T00:00:00", "dateUpdated": "2022-03-01T04:31:25", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:trusted_firmware-m:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2E3C409-82C3-4CD5-8387-B8C9D9A1C978", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:trusted_firmware-m:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "276E2878-F82E-43CF-B94A-96A54D32E015", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations."}, {"lang": "es", "value": "Trusted Firmware M versiones 1.4.x hasta 1.4.1, presenta un problema de desbordamiento de b\u00fafer en la partici\u00f3n de actualizaci\u00f3n de firmware. En el modelo IPC, un llamador psa_fwu_write desde SPE o NSPE puede sobrescribir ubicaciones de memoria de la pila."}], "id": "CVE-2021-43619", "lastModified": "2022-03-09T00:53:24.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-01T05:15:07.803", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://tf-m-user-guide.trustedfirmware.org/docs/security/security_advisories/fwu_write_vulnerability.html"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.trustedfirmware.org"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}