PT-2022-12245 · Xilinx · Xilinx Zynq-7000 SoC

Published: 2022-02-10 · Updated: 2023-08-08 · CVE-2021-44850

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Xilinx Zynq-7000 SoC devices (affected versions not specified)

Description

The issue is a buffer overflow in the ROM of Xilinx Zynq-7000 SoC devices. The attack requires physical modification of an SD boot image: an attacker modifies the boot header stored on the SD card so that a secure image appears to be unencrypted. This enables the modification of register initialization values that are normally restricted during secure boot. Specifically, the two registers controlling the SD card's transfer type and transfer size can be modified to cause a buffer overflow in the ROM.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insufficient Verification of Data Authenticity

Related Identifiers

CVE-2021-44850

Affected Products

Xilinx Zynq-7000 SoC