SCP Firmware Vulnerability in ARM Products

CVE-2024-11864

What is CVE-2024-11864?

A vulnerability has been identified in the ARM SCP-Firmware, where specially crafted SCMI messages can prompt a Usage Fault, potentially leading to a crash of the System Control Processor (SCP). This issue affects SCP-Firmware release versions up to and including 2.15.0, thereby posing a significant risk to the stability of systems utilizing this firmware. Users of the affected versions are advised to assess their systems and apply necessary updates to mitigate potential disruptions.

References