CVE-2022-25332

Name of the Vulnerable Software and Affected Versions Texas Instruments OMAP L138 (secure variants) (affected versions not specified)

Description The AES implementation in the Texas Instruments OMAP L138 suffers from a timing side channel. This can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. The SK LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK) using this side channel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.