CVE-2020-11683

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-11683
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11683.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-11683
Published
2020-09-14T14:15:10Z
Modified
2024-05-30T02:18:16.905335Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by attackers with physical access to forge CMAC values and subsequently boot arbitrary code on an affected system.

References

Affected packages

Git / github.com/linux4sam/at91bootstrap

Affected ranges

Type
GIT
Repo
https://github.com/linux4sam/at91bootstrap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

5series_1.*

5series_1.0
5series_1.1
5series_1.2
5series_1.3

Android4sam_v4.*

Android4sam_v4.0
Android4sam_v4.1
Android4sam_v4.2
Android4sam_v4.3
Android4sam_v4.4
Android4sam_v4.4_rc1
Android4sam_v4.4_rc2

android4sam_v4.*

android4sam_v4.0

linux4sam_5.*

linux4sam_5.6-rc1

v3.*

v3.5.1
v3.5.2
v3.5.3
v3.5.4
v3.6.0
v3.6.1
v3.6.2
v3.7
v3.7.1
v3.7.2
v3.7.2-rc2
v3.8
v3.8-alpha1
v3.8-alpha2
v3.8-alpha3
v3.8-alpha4
v3.8-alpha5
v3.8-alpha6
v3.8-alpha7
v3.8-beta1
v3.8.1
v3.8.10
v3.8.10-rc1
v3.8.11
v3.8.11-rc1
v3.8.11-rc2
v3.8.11-rc3
v3.8.11-rc4
v3.8.12
v3.8.13
v3.8.13-rc1
v3.8.13-rc2
v3.8.13-rc3
v3.8.13-rc4
v3.8.13-rc5
v3.8.2
v3.8.3
v3.8.4
v3.8.5
v3.8.6
v3.8.7
v3.8.8
v3.8.8-rc2
v3.8.8-rc3
v3.8.9
v3.8.9-rc1
v3.8.9-rc2
v3.8.9-rc3
v3.8.9-rc4
v3.8.9-rc6
v3.8.9-rc7
v3.9.0
v3.9.0-rc1
v3.9.0-rc2
v3.9.0-rc3
v3.9.0-rc4
v3.9.0-rc5
v3.9.1
v3.9.1-rc1