- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- MCUXpresso Training Hub
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
-
- Home
- :
- i.MX Processors
- :
- i.MX Processors Knowledge Base
- :
- i.MX & Vybrid Security Vulnerability Errata - ERR010872, ERR010873
i.MX & Vybrid Security Vulnerability Errata - ERR010872, ERR010873
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
i.MX & Vybrid Security Vulnerability Errata - ERR010872, ERR010873
i.MX & Vybrid Security Vulnerability Errata - ERR010872, ERR010873
Please find attached preliminary errata on the two i.MX security vulnerabilities:
- ERR010872 – Secure Boot Vulnerability when using the Serial Downloader (CVE-2017-7936)
- ERR010873 – Secure Boot Vulnerability when Authenticating a Certificate (CVE-2017-7932)
These are preliminary versions of the errata. Final versions will be incorporated into the Chip Errata (CE) document for each impacted device at a later date.
Customer Notification
A Customer Information Notification(CIN 201704026I) with the affected part numbers has been sent out to impacted users.
Updated Silicon Sample Availability
An Advanced Product Change Notification (A-PCN 201705010A), that provides updated silicon availability information has also been sent out to impacted users.
Mitigations
An Engineering Bulletin (EB00854) on possible mitigation strategies is available to impacted users and can be requested through your NXP field support team or distributor.
Further Questions or Support
Please contact your NXP support representative or enter a support request for further questions on this topic indicating the part number and the mass production start date.
