Security Advisories

ID

Title

TFMV-1

NS world may cause the CPU to perform an unexpected return operation due to unsealed stacks.

TFMV-2

Invoking Secure functions from handler mode may cause TF-M IPC model to behave unexpectedly.

TFMV-3

abort() function may not take effect in TF-M Crypto multi-part MAC/hashing/cipher operations.

TFMV-4

NSPE may access secure keys stored in TF-M Crypto service in Profile Small with Crypto key ID encoding disabled.

TFMV-5

psa_fwu_write() may cause buffer overflow in SPE.

TFMV-6

Partial tag comparison when using Chacha20-Poly1305 on the PSA driver API interface in CryptoCell enabled platforms

TFMV-7

ARoT can access PRoT data via debug logging functionality

TFMV-8

Unchecked user-supplied pointer via mailbox messages may cause write of arbitrary address

Copyright (c) 2020-2024, Arm Limited. All rights reserved.