CVE-2024-6564

Published July 8th, 2024

View on NVD ↗

CVSS v3

6.7

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

renesas-rcar/arm-trusted-firmware

arm-trusted-firmware

GitHub