Hi Everyone

There is a new security vulnerability report for Secure software executing on Armv8-M processors that causes it to be vulnerable to attacks from the Non-secure state if the secure stacks are not sealed properly. More details about the vulnerability can be found here: https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing

 

Please find the security advisory specific to TF-M and patches that have been developed as per the TrustedFirmware.org security process[1] below :

 

1. TF-M Security advisory https://review.trustedfirmware.org/c/TF-M/trusted-firmware-m/+/6455/1
2. Fix based on TF-Mv1.1 release has been uploaded as a new branch “TF-Mv1.1-stack-seal-mitigation" to the main repository. The branch can also be accessed here: https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/log/?h=TF-Mv1.1-stack-seal-mitigation
3. Fix based on the latest master is available here: https://review.trustedfirmware.org/q/topic:%22stack-seal-mitigation%22.

 

Please let us know if you have any comments.

 

Best Regards

Soby Mathew

 

[1] https://developer.trustedfirmware.org/w/collaboration/security_center/reporting/