Description
Buffer overflow in "rcar_dev_init" due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.
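The ordering problem described above, as an added C illustration that is not the affected firmware's code: the header layout, `MAX_IMAGES`, and the names `parse_unchecked` and `parse_checked` are hypothetical stand-ins. It shows a count read from untrusted storage driving a copy loop before the bound check, next to the form that validates first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_IMAGES 8u /* hypothetical stand-in for RCAR_MAX_BL3X_IMAGE */

struct image_entry { uint32_t offset, size; };  /* hypothetical layout */
struct image_table { uint32_t count; struct image_entry e[MAX_IMAGES]; };

/* Flawed ordering: the untrusted count drives the loop, the bound check comes after. */
int parse_unchecked(const uint32_t *hdr, size_t words, struct image_table *t)
{
    (void)words;
    uint32_t n = hdr[0];                 /* untrusted image count */
    for (uint32_t i = 0; i < n; i++) {   /* writes past t->e[] when n > MAX_IMAGES */
        t->e[i].offset = hdr[1 + 2 * i];
        t->e[i].size   = hdr[2 + 2 * i];
    }
    if (n > MAX_IMAGES) return -1;       /* too late: memory is already corrupted */
    t->count = n;
    return 0;
}

/* Corrected ordering: validate the count and the input length, then copy. */
int parse_checked(const uint32_t *hdr, size_t words, struct image_table *t)
{
    if (hdr == NULL || t == NULL || words < 1) return -1;
    uint32_t n = hdr[0];
    if (n > MAX_IMAGES) return -1;               /* bound on the destination */
    if (words - 1 < (size_t)n * 2) return -1;    /* bound on the source */
    for (uint32_t i = 0; i < n; i++) {
        t->e[i].offset = hdr[1 + 2 * i];
        t->e[i].size   = hdr[2 + 2 * i];
    }
    t->count = n;
    return 0;
}

int main(void)
{
    /* Constructed header: oversized count followed by one entry. */
    const uint32_t bad[] = { 0xFFFFFFFFu, 0x1000u, 0x200u };
    struct image_table t = { 0 };
    printf("oversized count rejected: %d\n", parse_checked(bad, 3, &t) == -1);
    return 0;
}
```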
Advisory Details
- CVE ID: CVE-2024-6564
- Affected Products: Renesas RCAR
- Problem Type: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CAPEC ID: CAPEC-100 Overflow Buffers
- Published: Jul 8, 2024