Vulnerabilities > ARM > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-05 CVE-2024-45157 Unspecified vulnerability in ARM Mbed TLS
An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used.
local
high complexity
arm
5.1
2024-09-05 CVE-2023-51712 Unspecified vulnerability in ARM Trusted Firmware-M
An issue was discovered in Trusted Firmware-M through 2.0.0.
high complexity
arm
4.7
2024-08-13 CVE-2023-31339 Out-of-bounds Read vulnerability in multiple products
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC may allow a privileged attacker to perform out of bound reads, potentially resulting in data leakage and denial of service.
local
low complexity
amd arm CWE-125
5.8
2024-01-31 CVE-2024-23170 Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2.
local
low complexity
arm CWE-203
5.5
2024-01-08 CVE-2023-5091 Use After Free vulnerability in ARM Valhall GPU Kernel Driver
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.
local
low complexity
arm CWE-416
5.5
2023-12-08 CVE-2023-34320 Improper Locking vulnerability in multiple products
Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity.
local
low complexity
arm xen CWE-667
5.5
2023-11-07 CVE-2023-4272 Unspecified vulnerability in ARM products
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.
local
low complexity
arm
5.5
2023-10-03 CVE-2023-33200 Use After Free vulnerability in ARM products
A local non-privileged user can make improper GPU processing operations to exploit a software race condition.
local
high complexity
arm CWE-416
4.7
2023-10-03 CVE-2023-34970 Out-of-bounds Write vulnerability in ARM Mali GPU Kernel Driver and Valhall GPU Kernel Driver
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition.
local
high complexity
arm CWE-787
4.7
2023-10-01 CVE-2023-4211 Use After Free vulnerability in ARM products
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
local
low complexity
arm CWE-416
5.5