arm-trusted-firmware - Debian Package Tracker

general

source: arm-trusted-firmware (main)
version: 2.10.0+dfsg-1
maintainer: Vagrant Cascadian (DMD)
arch: any
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.0+290.98aab974-2
oldstable: 2.4+dfsg-2
stable: 2.8.0+dfsg-1
testing: 2.10.0+dfsg-1
unstable: 2.10.0+dfsg-1

versioned links

2.0+290.98aab974-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.10.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

arm-trusted-firmware
arm-trusted-firmware-tools

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In debian/watch no matching files for watch line
  https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/ .*/trusted-firmware-a-(?:[-_]?[Vv]?(\d[\-+\.:\~\da-zA-Z]*)).tar.gz

Created: 2024-03-22 Last update: 2024-11-08 22:01

2 security issues in trixie high

There are 2 open security issues in trixie.

2 important issues:

CVE-2024-6563: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.
CVE-2024-6564: Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

Created: 2024-06-28 Last update: 2024-10-10 16:59

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2024-6563: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.
CVE-2024-6564: Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

Created: 2024-06-28 Last update: 2024-10-10 16:59

3 security issues in buster high

There are 3 open security issues in buster.

2 important issues:

CVE-2024-6285: Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.
CVE-2024-6287: Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite an already loaded image partly or completely, which could result in code execution and bypass of secure boot.

1 issue postponed or untriaged:

CVE-2023-49100: (needs triaging) Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however.

Created: 2024-06-28 Last update: 2024-06-28 20:13

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2024-02-25 Last update: 2024-11-09 01:30

5 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 29790d7e142ea8bc144d892dff4501932f7bfdde
Author: Diederik de Haas <didi.debian@cknow.org>
Date:   Thu Nov 23 23:00:48 2023 +0100

    debian/patches: Add "fix(rk3328): apply ERRATA_A53_1530924 erratum"
    
    When booting up my Rock64 (rk3328), u-boot reports about a missing
    workaround for errata 1530924.
    This is now fixed upstream, so add it to Debian's patches until it's
    incorporated into an official release.
    
    Link: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/25171

commit 25b2a59b53a7c7909c8855ca1448783996278186
Author: Diederik de Haas <didi.debian@cknow.org>
Date:   Thu Nov 23 22:59:21 2023 +0100

    debian/patches: Don't ignore '*.patch' files in debian/patches
    
    The toplevel .gitignore file specifies to ignore '*.patch' files, but
    that is undesirable in debian/patches, so add a rule to unignore them.

commit 4b0a3d1eb31a9dc9979bcc7cca27f54ec1e1a0a2
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Sun Dec 3 19:21:05 2023 -0800

    salsa-ci: Allow arm64 build in addition to regular builds.

commit 58c00e1f1ef6c85af13b27dcde3420f48fa4c343
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Sun Dec 3 19:09:35 2023 -0800

    salsa-ci: Make the default build arm64.

commit 0ec7ef06ebdc78c0598f871ebe0a4a54d338ff81
Author: Vagrant Cascadian <vagrant@debian.org>
Date:   Sun Dec 3 19:05:10 2023 -0800

    salsa-ci: Enable arm64 build, allow failure on crossbuilding arm64.

Created: 2023-12-04 Last update: 2024-11-03 05:34

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2023-12-04 Last update: 2023-12-04 17:31

3 low-priority security issues in bookworm low

There are 3 open security issues in bookworm.

3 issues left for the package maintainer to handle:

CVE-2024-6563: (needs triaging) Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.
CVE-2024-6564: (needs triaging) Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.
CVE-2023-49100: (needs triaging) Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-23 Last update: 2024-10-10 16:59

debian/patches: 1 patch to forward upstream low

Among the 1 debian patch available in version 2.10.0+dfsg-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-12-04 14:33

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-11-28 Last update: 2020-10-18 16:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.0 instead of 4.6.2).

Created: 2024-04-07 Last update: 2024-04-07 13:15

news

[rss feed]

[2023-12-09] arm-trusted-firmware 2.10.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2023-12-04] Accepted arm-trusted-firmware 2.10.0+dfsg-1 (source) into unstable (Vagrant Cascadian)
[2023-07-06] arm-trusted-firmware 2.9.0+dfsg-3 MIGRATED to testing (Debian testing watch)
[2023-07-01] Accepted arm-trusted-firmware 2.9.0+dfsg-3 (source) into unstable (Vagrant Cascadian)
[2023-06-19] Accepted arm-trusted-firmware 2.9.0+dfsg-2 (source) into experimental (Vagrant Cascadian)
[2023-06-19] Accepted arm-trusted-firmware 2.9.0+dfsg-1 (source) into experimental (Vagrant Cascadian)
[2022-11-30] arm-trusted-firmware 2.8.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-11-25] Accepted arm-trusted-firmware 2.8.0+dfsg-1 (source) into unstable (Vagrant Cascadian)
[2022-08-11] arm-trusted-firmware 2.7.0+dfsg-2 MIGRATED to testing (Debian testing watch)
[2022-08-06] Accepted arm-trusted-firmware 2.7.0+dfsg-2 (source) into unstable (Vagrant Cascadian)
[2022-06-09] Accepted arm-trusted-firmware 2.7.0+dfsg-1 (source) into experimental (Vagrant Cascadian)
[2021-12-02] arm-trusted-firmware 2.6+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-11-27] Accepted arm-trusted-firmware 2.6+dfsg-1 (source) into unstable (Vagrant Cascadian)
[2021-11-17] Accepted arm-trusted-firmware 2.6~rc0+dfsg-1 (source) into experimental (Vagrant Cascadian)
[2021-09-20] arm-trusted-firmware 2.5+dfsg-2 MIGRATED to testing (Debian testing watch)
[2021-09-09] Accepted arm-trusted-firmware 2.5+dfsg-2 (source) into unstable (Vagrant Cascadian)
[2021-06-09] Accepted arm-trusted-firmware 2.5+dfsg-1 (source) into experimental (Vagrant Cascadian)
[2021-01-22] arm-trusted-firmware 2.4+dfsg-2 MIGRATED to testing (Debian testing watch)
[2021-01-17] Accepted arm-trusted-firmware 2.4+dfsg-2 (source) into unstable (Vagrant Cascadian)
[2021-01-04] Accepted arm-trusted-firmware 2.4+dfsg-1 (source) into experimental (Vagrant Cascadian)
[2020-10-23] arm-trusted-firmware 2.3+dfsg-3 MIGRATED to testing (Debian testing watch)
[2020-10-18] Accepted arm-trusted-firmware 2.3+dfsg-3 (source) into unstable (Vagrant Cascadian)
[2020-10-15] Accepted arm-trusted-firmware 2.3+dfsg-2 (source arm64) into experimental, experimental (Debian FTP Masters) (signed by: Vagrant Cascadian)
[2020-07-15] arm-trusted-firmware 2.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-07-08] Accepted arm-trusted-firmware 2.3+dfsg-1 (source) into unstable (Vagrant Cascadian)
[2020-05-02] arm-trusted-firmware 2.3-1 MIGRATED to testing (Debian testing watch)
[2020-04-26] Accepted arm-trusted-firmware 2.3-1 (source) into unstable (Vagrant Cascadian)
[2020-04-16] arm-trusted-firmware 2.2-3 MIGRATED to testing (Debian testing watch)
[2020-04-10] Accepted arm-trusted-firmware 2.2-3 (source) into unstable (Vagrant Cascadian)
[2020-01-13] arm-trusted-firmware 2.2-2 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 4
RC: 0
I&N: 2
M&W: 2
F&P: 0
patch: 1

links

homepage
lintian (0, 2)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.10.0+dfsg-1build2