Insufficient argument checking in Secure state Entry functions in software using Cortex-M Security Extensions (CMSE), that has been compiled using toolchains that implement 'Arm v8-M Security Extensions Requirements on Development Tools' prior to version 1.4, allows an attacker to pass values to Secure state that are out of range for types smaller than 32-bits. Out of range values might lead to incorrect operations in secure state due.

Related CVEs

CVE-2024-0151

Key Information

GHSA ID

GHSA-gcfv-8g7p-w74j

Published

April 24, 2024 6:30 PM

Last Modified

August 9, 2024 9:31 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 5, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.