Xilinx Zynq-7000 Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:xilinx:zynq-7000_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Xilinx (052b85b7-5ee0-58fa-a00f-77291dc19cec) |
|---|---|
| Product | Zynq 7000 Firmware (15d2e4f4-12dc-5a1c-92d9-12df204f9281) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-27208 |
vulnerable | 2026-06-08 05:30:46.075887 |
Details available
When booting a Zync-7000 SOC device from nand flash memory, the nand driver in the ROM does not validate the inputs when reading in any parameters in the nand’s parameter page. IF a field read in from the parameter page is too large, this causes a buffer overflow that could lead to arbitrary code execution. Physical access and modification of the board assembly on which the Zynq-7000 SoC device mounted is needed to replace the original NAND flash memory with a NAND flash emulation device for this attack to be successful.
Published: 2021-03-15T12:27:26.000Z
Updated: 2024-08-03T20:40:47.492Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.