CVE-2019-25052

Published: Aug 11, 2021

Modified: Aug 5, 2024

PUBLISHED

Description

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/OP-TEE/optee_os/security/advisories/GHSA-pgwr-qmgh-vhmf

x_refsource_MISC

https://github.com/OP-TEE/optee_os/commit/34a08bec755670ea0490cb53bbc68058cafc69b6

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-25052

Description

Affected Products

References