CVE-2024-6285

Source
https://cve.org/CVERecord?id=CVE-2024-6285
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6285.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-6285
Downstream
Published
2024-06-24T15:32:13.776Z
Modified
2026-07-15T02:13:26.625247249Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Integer Underflow in Memory Range Check in Renesas RCAR
Details

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.

Database specific
{
    "cwe_ids": [
        "CWE-191"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/6xxx/CVE-2024-6285.json",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "c2f286820471ed276c57e603762bd831873e5a17"
                },
                {
                    "fixed": "b596f580637bae919b0ac3a5471422a1f756db3b"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ],
    "cna_assigner": "ASRG"
}
References

Affected packages

Git / github.com/renesas-rcar/arm-trusted-firmware

Affected ranges

Type
GIT
Repo
https://github.com/renesas-rcar/arm-trusted-firmware
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6285.json"