CVE-2022-47630 - Vulnerability Details - OpenCVE

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00415.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Arm	Trusted Firmware-a

Configuration 1 [-]

cpe:2.3:o:arm:trusted_firmware-a:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-50390	Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/01/16/8
https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html
https://www.trustedfirmware.org/news/

History

Tue, 08 Apr 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 27 Nov 2024 20:45:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:arm:trusted_firmware-a::::::::	cpe:2.3:o:arm:trusted_firmware-a::::::::

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-01-16T00:00:00.000Z

Updated: 2025-04-08T20:26:30.379Z

Reserved: 2022-12-20T00:00:00.000Z

Link: CVE-2022-47630

Vulnrichment

Updated: 2024-08-03T15:02:36.318Z

NVD

Status : Modified

Published: 2023-01-16T16:15:10.940

Modified: 2025-04-08T21:15:44.903

Link: CVE-2022-47630

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-47630", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-04-08T20:26:30.379Z", "dateReserved": "2022-12-20T00:00:00.000Z", "datePublished": "2023-01-16T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-01-16T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.trustedfirmware.org/news/"}, {"url": "https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html"}, {"name": "[oss-security] 20230116 CVE-2022-47630 Trusted Firmware-A - Out-of-bounds read in X.509 parser", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2023/01/16/8"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:02:36.318Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.trustedfirmware.org/news/", "tags": ["x_transferred"]}, {"url": "https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html", "tags": ["x_transferred"]}, {"name": "[oss-security] 20230116 CVE-2022-47630 Trusted Firmware-A - Out-of-bounds read in X.509 parser", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2023/01/16/8"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-08T20:25:45.786768Z", "id": "CVE-2022-47630", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T20:26:30.379Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.trustedfirmware.org/news/", "tags": ["x_transferred"]}, {"url": "https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/01/16/8", "name": "[oss-security] 20230116 CVE-2022-47630 Trusted Firmware-A - Out-of-bounds read in X.509 parser", "tags": ["mailing-list", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:02:36.318Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-47630", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-08T20:25:45.786768Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T20:26:08.044Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.trustedfirmware.org/news/"}, {"url": "https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html"}, {"url": "http://www.openwall.com/lists/oss-security/2023/01/16/8", "name": "[oss-security] 20230116 CVE-2022-47630 Trusted Firmware-A - Out-of-bounds read in X.509 parser", "tags": ["mailing-list"]}], "descriptions": [{"lang": "en", "value": "Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-01-16T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-47630", "state": "PUBLISHED", "dateUpdated": "2025-04-08T20:26:30.379Z", "dateReserved": "2022-12-20T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-01-16T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:trusted_firmware-a:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC8302C4-8777-4F92-92FE-23866D2871DD", "versionEndIncluding": "2.8", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state."}, {"lang": "es", "value": "Trusted Firmware-A hasta su versi\u00f3n 2.8 tiene una lectura fuera de los l\u00edmites en el analizador X.509 para analizar los certificados de arranque. Esto afecta el uso posterior de get_ext y auth_nvctr. Los atacantes podr\u00edan desencadenar efectos secundarios de lectura peligrosos u obtener informaci\u00f3n confidencial sobre el estado de la microarquitectura."}], "id": "CVE-2022-47630", "lastModified": "2025-04-08T21:15:44.903", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-01-16T16:15:10.940", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/01/16/8"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.trustedfirmware.org/news/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/01/16/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.trustedfirmware.org/news/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}