author Paul Beesley <paul.beesley@arm.com> 2019-03-05 17:10:07 +0000
committer Paul Beesley <paul.beesley@arm.com> 2019-03-07 11:23:32 +0000
commit 12fc6ba73d7191a71bf8b3b611fd3f618ed2f25e
tree 5e7745abd36a50f3d99d2757b24dbcfc2493e422 /docs/security_advisories
parent d0f9809d897b1e525cfd353753255996eee96003
doc: Add missing CVE links to advisories
Some security advisories did not contain a direct link to the CVE page on mitre.org.

Change-Id: I80f8f27a25da3a76b564a3e49cafe5e253379f37
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
Diffstat (limited to 'docs/security_advisories')
-rw-r--r-- docs/security_advisories/security-advisory-tfv-1.rst 3
-rw-r--r-- docs/security_advisories/security-advisory-tfv-2.rst 3
-rw-r--r-- docs/security_advisories/security-advisory-tfv-3.rst 3
-rw-r--r-- docs/security_advisories/security-advisory-tfv-4.rst 3
-rw-r--r-- docs/security_advisories/security-advisory-tfv-5.rst 3
-rw-r--r-- docs/security_advisories/security-advisory-tfv-8.rst 3
6 files changed, 12 insertions, 6 deletions
diff --git a/docs/security_advisories/security-advisory-tfv-1.rst b/docs/security_advisories/security-advisory-tfv-1.rst
index 23b1c989..e3d1984b 100644
--- a/docs/security_advisories/security-advisory-tfv-1.rst
+++ b/docs/security_advisories/security-advisory-tfv-1.rst
@@ -2,7 +2,7 @@
| Title | Malformed Firmware Update SMC can result in copy of |
| | unexpectedly large data into secure memory |
+================+=============================================================+
-| CVE ID | CVE-2016-10319 |
+| CVE ID | `CVE-2016-10319`_ |
+----------------+-------------------------------------------------------------+
| Date | 18 Oct 2016 |
+----------------+-------------------------------------------------------------+
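
Review bot: The replaced ``CVE ID`` row in this grid table now carries three extra characters (two backticks and a trailing underscore), so the cell padding has to shrink by three for the closing ``|`` to stay aligned with the ``+---`` border lines; docutils reports a malformed table when a row does not match its borders. The whitespace is not visible in this rendering, so please confirm the row width is unchanged. The same check applies to the identical row edit in each of the other five advisories.
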
@@ -154,5 +154,6 @@ ARM platform version of this function contains a similar vulnerability:
return success. Platforms that copy this insecure pattern will have the same
vulnerability.
+.. _CVE-2016-10319: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10319
.. _48bfb88: https://github.com/ARM-software/arm-trusted-firmware/commit/48bfb88
.. _Pull Request #783: https://github.com/ARM-software/arm-trusted-firmware/pull/783
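
Review bot: The new ``.. _CVE-2016-10319:`` target uses ``http://cve.mitre.org/...``, a plain-HTTP link, while the neighbouring GitHub targets in the same block use ``https://``. Please switch this target and the five other CVE targets added by this patch to ``https://`` so that the advisory's reference is fetched over an authenticated connection.
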
diff --git a/docs/security_advisories/security-advisory-tfv-2.rst b/docs/security_advisories/security-advisory-tfv-2.rst
index 1c3a28f1..db474585 100644
--- a/docs/security_advisories/security-advisory-tfv-2.rst
+++ b/docs/security_advisories/security-advisory-tfv-2.rst
@@ -2,7 +2,7 @@
| Title | Enabled secure self-hosted invasive debug interface can |
| | allow normal world to panic secure world |
+================+=============================================================+
-| CVE ID | CVE-2017-7564 |
+| CVE ID | `CVE-2017-7564`_ |
+----------------+-------------------------------------------------------------+
| Date | 02 Feb 2017 |
+----------------+-------------------------------------------------------------+
@@ -51,6 +51,7 @@ image or integrate the `AArch32 equivalent`_ of the ``el3_arch_init_common``
macro. Here the affected bits are ``SDCR.SPD``, which should also be assigned to
``10`` instead of ``00``
+.. _CVE-2017-7564: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7564
.. _commit 495f3d3: https://github.com/ARM-software/arm-trusted-firmware/commit/495f3d3
.. _AArch64 macro: https://github.com/ARM-software/arm-trusted-firmware/blob/bcc2bf0/include/common/aarch64/el3_common_macros.S#L85
.. _AArch32 equivalent: https://github.com/ARM-software/arm-trusted-firmware/blob/bcc2bf0/include/common/aarch32/el3_common_macros.S#L41
diff --git a/docs/security_advisories/security-advisory-tfv-3.rst b/docs/security_advisories/security-advisory-tfv-3.rst
index 42415730..28e10bff 100644
--- a/docs/security_advisories/security-advisory-tfv-3.rst
+++ b/docs/security_advisories/security-advisory-tfv-3.rst
@@ -1,7 +1,7 @@
+----------------+-------------------------------------------------------------+
| Title | RO memory is always executable at AArch64 Secure EL1 |
+================+=============================================================+
-| CVE ID | CVE-2017-7563 |
+| CVE ID | `CVE-2017-7563`_ |
+----------------+-------------------------------------------------------------+
| Date | 06 Apr 2017 |
+----------------+-------------------------------------------------------------+
@@ -78,5 +78,6 @@ The vulnerability is mitigated by the following factors:
mapped into the secure world is non-executable by setting the ``SCR_EL3.SIF``
bit. See the ``el3_arch_init_common`` macro in ``el3_common_macros.S``.
+.. _CVE-2017-7563: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7563
.. _Pull Request #662: https://github.com/ARM-software/arm-trusted-firmware/pull/662
.. _Pull Request #924: https://github.com/ARM-software/arm-trusted-firmware/pull/924
diff --git a/docs/security_advisories/security-advisory-tfv-4.rst b/docs/security_advisories/security-advisory-tfv-4.rst
index 9f304c63..386d0da0 100644
--- a/docs/security_advisories/security-advisory-tfv-4.rst
+++ b/docs/security_advisories/security-advisory-tfv-4.rst
@@ -3,7 +3,7 @@
| | authentication of unexpected data in secure memory in |
| | AArch32 state |
+================+=============================================================+
-| CVE ID | CVE-2017-9607 |
+| CVE ID | `CVE-2017-9607`_ |
+----------------+-------------------------------------------------------------+
| Date | 20 Jun 2017 |
+----------------+-------------------------------------------------------------+
@@ -114,6 +114,7 @@ The vulnerability is known to affect all ARM standard platforms when enabling
the ``TRUSTED_BOARD_BOOT`` and ``ARCH=aarch32`` build options. Other platforms
may also be affected if they fulfil the above conditions.
+.. _CVE-2017-9607: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9607
.. _commit c396b73: https://github.com/ARM-software/arm-trusted-firmware/commit/c396b73
.. _Pull Request #678: https://github.com/ARM-software/arm-trusted-firmware/pull/678
.. _Pull Request #939: https://github.com/ARM-software/arm-trusted-firmware/pull/939
diff --git a/docs/security_advisories/security-advisory-tfv-5.rst b/docs/security_advisories/security-advisory-tfv-5.rst
index 65256452..4479bf02 100644
--- a/docs/security_advisories/security-advisory-tfv-5.rst
+++ b/docs/security_advisories/security-advisory-tfv-5.rst
@@ -2,7 +2,7 @@
| Title | Not initializing or saving/restoring ``PMCR_EL0`` can leak |
| | secure world timing information |
+================+=============================================================+
-| CVE ID | CVE-2017-15031 |
+| CVE ID | `CVE-2017-15031`_ |
+----------------+-------------------------------------------------------------+
| Date | 02 Oct 2017 |
+----------------+-------------------------------------------------------------+
@@ -39,4 +39,5 @@ sensible default values in the secure context.
The same issue exists for the equivalent AArch32 register, ``PMCR``, except that
here ``PMCR_EL0.DP`` architecturally resets to zero.
+.. _CVE-2017-15031: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15031
.. _Pull Request #1127: https://github.com/ARM-software/arm-trusted-firmware/pull/1127
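
Review bot: The context sentence just above the new target names the AArch32 register as ``PMCR`` but then refers to ``PMCR_EL0.DP``. If the AArch32 field is meant there, ``PMCR.DP`` would read consistently; worth correcting in this documentation pass or a follow-up, since the patch already touches the end of this advisory.
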
diff --git a/docs/security_advisories/security-advisory-tfv-8.rst b/docs/security_advisories/security-advisory-tfv-8.rst
index d04c575a..eacdc7bc 100644
--- a/docs/security_advisories/security-advisory-tfv-8.rst
+++ b/docs/security_advisories/security-advisory-tfv-8.rst
@@ -2,7 +2,7 @@
| Title | Not saving x0 to x3 registers can leak information from one |
| | Normal World SMC client to another |
+================+=============================================================+
-| CVE ID | CVE-2018-19440 |
+| CVE ID | `CVE-2018-19440`_ |
+----------------+-------------------------------------------------------------+
| Date | 27 Nov 2018 |
+----------------+-------------------------------------------------------------+
@@ -94,6 +94,7 @@ line 19 (referring to the version of the code as of `commit c385955`_):
/* Save r0 - r12 in the SMC context */
stm sp, {r0-r12}
+.. _CVE-2018-19440: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19440
.. _commit c385955: https://github.com/ARM-software/arm-trusted-firmware/commit/c385955
.. _SMC Calling Convention: http://arminfo.emea.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf
.. _Pull Request #1710: https://github.com/ARM-software/arm-trusted-firmware/pull/1710
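
Review bot: In the link block this hunk extends, the ``SMC Calling Convention`` target points at ``arminfo.emea.arm.com`` over plain HTTP, and that host name looks internal rather than public. Since the purpose of the patch is to give readers direct, reachable references, consider replacing that target with the public location of the document in the same change.
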