GCVE - cpe:2.3:h:nxp:i.mx_6ull:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:nxp:i.mx_6ull:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Nxp (`2c4d2203-ccbd-50e6-842f-582e7fe949e0`)
Product	I.Mx 6Ull (`130f4d2a-1578-5279-a0e8-eacbc6cdd136`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-45163`	not_vulnerable	2026-06-03 14:48:23.866162	Details available MEDIUM (5.3) An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol (SDP) mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device security-enabled configuration, memory contents could potentially leak to physically proximate attackers via the respective SDP port in cold and warm boot attacks. (The recommended mitigation is to completely disable the SDP mode by programming a one-time programmable eFUSE. Customers can contact NXP for additional information.) Published: 2022-11-18T00:00:00.000Z Updated: 2025-04-30T14:38:50.059Z Open on db.gcve.eu Reference links https://research.nccgroup.com/category/technical-advisory/ https://nxp.com https://research.nccgroup.com/2022/11/17/cve-2022-45163/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-36133`	not_vulnerable	2026-06-03 14:44:57.172671	Details available The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral. Published: 2021-12-07T20:42:31.000Z Updated: 2024-08-04T00:47:43.842Z Open on db.gcve.eu Reference links https://github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7936`	not_vulnerable	2026-06-03 14:37:38.513310	Details available A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory. Published: 2017-08-07T08:00:00.000Z Updated: 2024-08-05T16:19:29.271Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02 http://www.securityfocus.com/bid/99966	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-7932`	not_vulnerable	2026-06-03 14:37:38.491979	Details available An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image. Published: 2017-08-07T08:00:00.000Z Updated: 2024-08-05T16:19:29.197Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02 http://www.securityfocus.com/bid/99966	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.