PT-2021-16708 · Ldfw+1 · Ldfw+1
Federico Menarini
+1
·
Published
2021-12-08
·
Updated
2022-09-23
·
CVE-2021-25518
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LDFW and BL31 versions prior to SMR Dec-2021 Release 1
Description
The issue is related to an improper boundary check in the secure log of LDFW and BL31, which allows for arbitrary memory write and code execution.
Recommendations
For versions prior to SMR Dec-2021 Release 1, update to SMR Dec-2021 Release 1 or later to resolve the issue.
Fix
Buffer Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Bl31
Ldfw