Hello, can I please get information about the same vulnerability in i.MX 6ULL? There seem to be no official information if it was fixed in this model of the SoC.
The Chip Errata (IMX6ULLCE)[1] document states that 6ULL revisions 1.2, 1.3 and 2 of the SoC were release after ERR010872 and ERR01073 were disclosed, but it does not mention if any of these revisions fix that vulnerabilities. The same errata states that the new revisions are not printed on the SoC enclosure (only rev 1.0 and 1.1 are marked with letters A and B). Therefore I find it impossible to determine the exact 6ULL version I use.
Toradex[1], who seems to be manufacturer of NXP-based devices, states that this vulnerability is fixed since HAB version 4.2.5. I found similar information in comments of a blog post describing said vulnerabilities[3]. However, u-boot `hab_version` command reports only `4.2`, without the minor number, which is the value stored in HAB vector table under 0x100. Therefore I'm unable to state if my HAB version is 4.2.5 or higher/lower.
Kindly please provide official information how to determine which i.MX 6ULL devices are patched for ERR010872 and ERR01073 HAB vulnerabilities.
--
[1] https://www.nxp.com/docs/en/errata/IMX6ULLCE.pdf
[2] https://developer.toradex.com/knowledge-base/secure-boot-vulnerabilities-for-imx-vybrid-errata-err01...
[3] https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html#co...
