The transport_message_handler function in SCP-Firmware...
High severity
Unreviewed
Published
Nov 13, 2024
to the GitHub Advisory Database
•
Updated Nov 27, 2024
Description
Published by the National Vulnerability Database
Nov 13, 2024
Published to the GitHub Advisory Database
Nov 13, 2024
Last updated
Nov 27, 2024
The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware.
References