Hi Everyone,

There is a new security vulnerability found in SPM logging service which allows a malicious ARoT partition to expose any memory data via stdout interface, usually UART. Please check the details in:

• TF-M Security advisory attached to this mail: 
• Patch to fix the issue on the main branch as commit:
  https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/27793

This vulnerability fix will be included in the upcoming TF-M v2.1.0 release without a dedicated hot fix.

Thanks to Roman Mazurak who reported the issue.

Please let us know if you have any comments.

Best regards,

Anton