Lines Matching refs:in

6 |                | result in an out-of-bounds read.                            |
17 |                | interfaces. Not exploitable in upstream TF-A code.          |
31 |                |   in auth_nvctr()"                                          |
40 This security advisory describes a vulnerability in the X.509 parser used to
41 parse boot certificates in TF-A trusted boot: it is possible for a crafted
45 platforms may be, if (and only if) the interfaces described below are used in a
46 different context than seen in upstream code. Details of such context is
47 described in the rest of this document.
62 The vulnerability lies in the following source file:
73 undefined on failure.  In practice, this results in ``get_ext()`` continuing to
75 which means that the in-bounds guarantee provided by ``cert_parse()`` no longer
81 Bug 2: Missing bounds check in ``auth_nvctr()``
97 All standard chains of trust provided in TF-A source tree (that is, under
102 always be done prior to any calls to ``get_ext()`` or ``auth_nvctr()`` in this
103 case, no matter the order of the properties in the file.  Therefore, it is not
104 possible to exploit this vulnerability pre-authentication in upstream TF-A.
110 in three cases:
124 In summary, there are 2 separate issues - one in ``get_ext()`` and another one
125 in ``auth_nvctr()`` - but neither of these can be exploited in the context of
128 Only in the following 2 cases do we expect this vulnerability to be triggerable
142 the bug in the certificate parser is obviously not relevant.  The bug in
151 in an ASN.1 ``INTEGER``, it is not affected.