CVE-2017-9607

HIGH Year: 2017
CVSS v3 Score
7.0
High
CVSS v2 Score
5.1
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.

Related Vulnerabilities

CVE-2014-0143

HIGH
CVSS:7.0(High)

Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in ...

CWE-1902014

CVE-2017-0521

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High...

CWE-1902017

CVE-2017-0553

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because i...

CWE-1902017

CVE-2017-0576

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated ...

CWE-1902017

CVE-2017-0611

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High ...

CWE-1902017

CVE-2017-4950

HIGH
CVSS:7.0(High)

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute c...

CWE-1902017