CVE-2024-32917

High CVSS 7.1

Overview

In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE: CWE-787 Published: 2024-06-13T21:15:55.603

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.1 (HIGH)
Detected tags: oob_write (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags