Vulnerabilities > Linaro > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-13 | CVE-2022-42902 | In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py. | 8.8 |
| 2021-12-07 | CVE-2021-36133 | Incorrect Permission Assignment for Critical Resource vulnerability in Linaro Op-Tee The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. | 7.1 |
| 2021-12-07 | CVE-2021-44149 | Unspecified vulnerability in Linaro Op-Tee An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. | 7.8 |
| 2021-05-21 | CVE-2021-32032 | Memory Leak vulnerability in Linaro Trusted Firmware-M In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak. | 7.5 |
| 2019-07-15 | CVE-2019-1010294 | Numeric Errors vulnerability in Linaro Op-Tee Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. | 7.5 |
| 2018-06-19 | CVE-2018-12565 | Improper Input Validation vulnerability in multiple products An issue was discovered in Linaro LAVA before 2018.5.post1. | 8.8 |
| 2018-01-02 | CVE-2017-1000412 | Information Exposure vulnerability in Linaro Op-Tee Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key. | 7.5 |