CVE-2022-25332

CVSS V2 None CVSS V3 None
Description
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. Using this side channel, the SK_LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK).
Overview
  • CVE ID
  • CVE-2022-25332
  • Assigner
  • NCSC-NL
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-10-19T09:36:24.924Z
  • Last Modified Date
  • 2023-10-19T09:50:05.515Z
References
Reference URL Reference Tags
https://tetraburst.com/ related
History
Created Old Value New Value Data Type Notes
2024-06-24 18:15:49 Added to TrackCVE