We have identified a new stack buffer overflow vulnerability in Unisoc’s TrustZone implementation. The vulnerability can be exploited to achieve arbitrary code execution in the DRM Trustlet’s runtime.
The vulnerability we are disclosing in this advisory affected a wide range of Unisoc devices, including phones on the newest chipsets. The August 2023 issue of the Unisoc Security Bulletin contains this vulnerability as CVE-2023-33913.
Vulnerability Details The Trusted Execution Environment (TEE) implementation of Unisoc Tiger chipsets on certain devices uses a modified version of Google’s TEE implementation called Trusty.
Trusty is an open-source trusted OS based on Little Kernel. The kernel is running in 64bit mode, however, the trustlets are 32bit ELF images baked into the TOS binary together with the kernel image.
Summary Last year we published research at Black Hat in which we disclosed multiple vulnerabilities in Huawei Kirin SoC’s DDR Controller (DMSS) Access Permission system which allowed some SoC cores or DMA-capable peripherals to directly access secure world memory and completely compromise the entire memory of the SoC. This advisory focuses on a new access permission vulnerability in the same DMSS. The vulnerability can be used to entirely compromise the Trusted Execution Environment from the Baseband. The vulnerability was fixed in February 2022.
Vulnerability Details The peripheral DMA lives up to its name, as it is mainly used to interact between multiple communication peripherals (e.
Summary Due to a race condition in input validation, the SCrypto implementation of the drTima secure driver (uuid ffffffffd0000000000000000000000a) was susceptible to a buffer overflow.
The drTima secure driver implements a fully featured crypto engine entirely in software, called SCrypto. The SCrypto APIs are callable by all Trustlets without restriction. SCrypto is in fact the OpenSSL’s FIPS compliant library with an abstraction layer added to facilitate the same APIs for crypto operations that are present between Trustlets and Secure Drivers.
The SCrypto command implements three kinds of functions: hashing (MD function family), encryption/decryption (3DES, AES, RSA), and signing (RSA).
The race condition vulnerability is in the ciphering command implementation of RSA decryption.
Summary Due to a race condition in input validation, the SCrypto implementation of the drTima secure driver (uuid ffffffffd0000000000000000000000a) was susceptible to a buffer overflow.
The drTima secure driver implements a fully featured crypto engine entirely in software, called SCrypto. The SCrypto APIs are callable by all Trustlets without restriction. SCrypto is in fact the OpenSSL’s FIPS compliant library with an abstraction layer added to facilitate the same APIs for crypto operations that are present between Trustlets and Secure Drivers.
The SCrypto command implements three kinds of functions: hashing (MD function family), encryption/decryption (3DES, AES, RSA), and signing (RSA).
The race condition vulnerability is in the ciphering command implementation of RSA encryption.
Summary Due to missing input validation, the SCrypto implementation of the drTima secure driver (uuid ffffffffd0000000000000000000000a) was susceptible to a buffer overflow.
The drTima secure driver implements a fully featured crypto engine entirely in software, called SCrypto. The SCrypto APIs are callable by all Trustlets without restriction. SCrypto is in fact the OpenSSL’s FIPS compliant library with an abstraction layer added to facilitate the same APIs for crypto operations that are present between Trustlets and Secure Drivers.
The SCrypto command implements three kinds of functions: hashing (MD function family), encryption/decryption (3DES, AES, RSA), and signing (RSA).
For each type, there are two types of implementations: