Vulnerabilities for I.mx 6dualplus firmware (...) - CXSECURITY.COM

Vulnerabilities for 'I.mx 6dualplus firmware'

2017-08-07

CVE-2017-7936

CWE-119

A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.

CVE-2017-7932

CWE-295

An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.

>>> Vendor: NXP 35 Products

I.mx 6dualplus firmware

Vybrid mvf50nn151cmk40 firmware

I.mx 6ultralite firmware

I.mx 6duallite firmware

Vybrid mvf50ns151cmk50 firmware

Vybrid mvf51ns151cmk50 firmware

I.mx 6sololite firmware

I.mx 6solo firmware

I.mx 6quadplus firmware

I.mx 6solox firmware

I.mx 28 firmware

Vybrid mvf30ns151cku26 firmware

Vybrid mvf61nn151cmk50 firmware

Vybrid mvf30nn151cku26 firmware

Vybrid mvf60ns151cmk40 firmware

Vybrid mvf60ns151cmk50 firmware

I.mx 6quad firmware

Vybrid mvf60nn151cmk50 firmware

Vybrid mvf60nn151cmk40 firmware

I.mx 50 firmware

I.mx 6ull firmware

Vybrid mvf62nn151cmk40 firmware

Vybrid mvf51nn151cmk50 firmware

Vybrid mvf50ns151cmk40 firmware

I.mx 7solo firmware

Vybrid mvf50nn151cmk50 firmware

Vybrid mvf61ns151cmk50 firmware

I.mx 7dual firmware

I.mx 53 firmware

I.mx 6dual firmware

Kinetis k8x firmware

Kinetis kv1x firmware

Kinetis kv3x firmware

Mcuxpresso software development kit

Copyright 2024, cxsecurity.com