Commit 2f1da09
nuttx/drivers/crypto/pnt/pnt_se05x_api: Minor Overflow in Secure Element Driver May Cause a DoS
Invalid data is passed to the NXP Plug & Trust Nano Package used by the
NuttX secure element driver. If the NXP code is not handling the malformed
data, a corruption can occur. Alternatively, if the attacker is able to
point create_signature_args->algorithm in memory at an address that is not
accessible, a crash can occur.
Applicable to:
* `signature_algorithm_mapping[create_signature_args->algorithm]`
* `signature_algorithm_mapping[verify_signature_args->algorithm]`
Signed-off-by: Catalin Visinescu <catalin_visinescu@yahoo.com>1 parent 1fd2fc2 commit 2f1da09
1 file changed
Lines changed: 12 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
308 | 308 | | |
309 | 309 | | |
310 | 310 | | |
| 311 | + | |
| 312 | + | |
| 313 | + | |
| 314 | + | |
| 315 | + | |
| 316 | + | |
311 | 317 | | |
312 | 318 | | |
313 | 319 | | |
| |||
327 | 333 | | |
328 | 334 | | |
329 | 335 | | |
| 336 | + | |
| 337 | + | |
| 338 | + | |
| 339 | + | |
| 340 | + | |
| 341 | + | |
330 | 342 | | |
331 | 343 | | |
332 | 344 | | |
| |||
0 commit comments