andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
arm-trusted-firmware/docs/security-center.rst

4.8 KiB
Raw Blame History

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> </head>

Security Center

Security Disclosures

We disclose all security vulnerabilities we find or are advised about that are relevant for ARM Trusted Firmware (TF). We encourage responsible disclosure of vulnerabilities and inform users as best we can about all possible issues.

We disclose TF vulnerabilities as Security Advisories. These are listed at the bottom of this page and announced as issues in the GitHub issue tracker with the "security-advisory" tag. You can receive notification emails for these by watching that project.

Found a Security Issue?

Although we try to keep TF secure, we can only do so with the help of the community of developers and security researchers.

If you think you have found a security vulnerability, please do not report it in the GitHub issue tracker. Instead send an email to trusted-firmware-security@arm.com

Please include:

  • Trusted Firmware version (or commit) affected
  • A description of the concern or vulnerability
  • Details on how to replicate the vulnerability, including:
    • Configuration details
    • Proof of concept exploit code
    • Any additional software or tools required

We recommend using this PGP/GPG key for encrypting the information. This key is also available at http://keyserver.pgp.com and LDAP port 389 of the same server. The fingerprint for this key is:

1309 2C19 22B4 8E87 F17B FE5C 3AB7 EFCB 45A0 DFD0

If you would like replies to be encrypted, please provide your public key.

Please give us the time to respond to you and fix the vulnerability before going public. We do our best to respond and fix any issues quickly. We also need to ensure providers of products that use TF have a chance to consider the implications of the vulnerability and its remedy.

Afterwards, we encourage you to write-up your findings about the TF source code.

Attribution

We will name and thank you in the change-log.rst distributed with the source code and in any published security advisory.

Security Advisories

ID Title
TFV-1 Malformed Firmware Update SMC can result in copy of unexpectedly large data into secure memory
TFV-2 Enabled secure self-hosted invasive debug interface can allow normal world to panic secure world
TFV-3 RO memory is always executable at AArch64 Secure EL1
TFV-4 Malformed Firmware Update SMC can result in copy or authentication of unexpected data in secure memory in AArch32 state
TFV-5 Not initializing or saving/restoring PMCR_EL0 can leak secure world timing information
TFV-6 Arm Trusted Firmware exposure to speculative processor vulnerabilities using cache timing side-channels
TFV-7 Trusted Firmware-A exposure to cache speculation vulnerability Variant 4
TFV-8 Not saving x0 to x3 registers can leak information from one Normal World SMC client to another
</html>