doc: Add missing CVE links to advisories
author Paul Beesley <paul.beesley@arm.com>
Tue, 5 Mar 2019 17:10:07 +0000 (17:10 +0000)
committer Paul Beesley <paul.beesley@arm.com>
Thu, 7 Mar 2019 11:23:32 +0000 (11:23 +0000)
Some security advisories did not contain a direct link to the CVE page
on mitre.org.

Change-Id: I80f8f27a25da3a76b564a3e49cafe5e253379f37
Signed-off-by: Paul Beesley <paul.beesley@arm.com>
docs/security_advisories/security-advisory-tfv-1.rst
docs/security_advisories/security-advisory-tfv-2.rst
docs/security_advisories/security-advisory-tfv-3.rst
docs/security_advisories/security-advisory-tfv-4.rst
docs/security_advisories/security-advisory-tfv-5.rst
docs/security_advisories/security-advisory-tfv-8.rst

index 23b1c9896f33fd0f19c453e2ea810da1f0eaf7d3..e3d1984b0c2b245d6591dc25f25beeeedc5b759f 100644 (file)
@@ -2,7 +2,7 @@
 | Title          | Malformed Firmware Update SMC can result in copy of         |
 |                | unexpectedly large data into secure memory                  |
 +================+=============================================================+
-| CVE ID         | CVE-2016-10319                                              |
+| CVE ID         | `CVE-2016-10319`_                                           |
 +----------------+-------------------------------------------------------------+
 | Date           | 18 Oct 2016                                                 |
 +----------------+-------------------------------------------------------------+
@@ -154,5 +154,6 @@ ARM platform version of this function contains a similar vulnerability:
   return success. Platforms that copy this insecure pattern will have the same
   vulnerability.
 
+.. _CVE-2016-10319: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10319
 .. _48bfb88: https://github.com/ARM-software/arm-trusted-firmware/commit/48bfb88
 .. _Pull Request #783: https://github.com/ARM-software/arm-trusted-firmware/pull/783
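
Review bot: the added ``CVE-2016-10319`` target uses an ``http://cve.mitre.org/...`` URL while the neighbouring commit and pull request targets use ``https://``; suggest ``https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10319`` so a reader following the link from a security advisory is not sent over plaintext. The same point applies to the other five CVE targets added in this patch.
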
index 1c3a28f10f6e1c2fbbbc7befd97aa6302576f3d0..db4745854ca499641064ed8396eac3ffb5effa05 100644 (file)
@@ -2,7 +2,7 @@
 | Title          | Enabled secure self-hosted invasive debug interface can     |
 |                | allow normal world to panic secure world                    |
 +================+=============================================================+
-| CVE ID         | CVE-2017-7564                                               |
+| CVE ID         | `CVE-2017-7564`_                                            |
 +----------------+-------------------------------------------------------------+
 | Date           | 02 Feb 2017                                                 |
 +----------------+-------------------------------------------------------------+
@@ -51,6 +51,7 @@ image or integrate the `AArch32 equivalent`_ of the ``el3_arch_init_common``
 macro. Here the affected bits are ``SDCR.SPD``, which should also be assigned to
 ``10`` instead of ``00``
 
+.. _CVE-2017-7564: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7564
 .. _commit 495f3d3: https://github.com/ARM-software/arm-trusted-firmware/commit/495f3d3
 .. _AArch64 macro: https://github.com/ARM-software/arm-trusted-firmware/blob/bcc2bf0/include/common/aarch64/el3_common_macros.S#L85
 .. _AArch32 equivalent: https://github.com/ARM-software/arm-trusted-firmware/blob/bcc2bf0/include/common/aarch32/el3_common_macros.S#L41
index 42415730e0e90e5026f035238f7c8796e8704020..28e10bff260a5dae503d4727e161e7d246ed6346 100644 (file)
@@ -1,7 +1,7 @@
 +----------------+-------------------------------------------------------------+
 | Title          | RO memory is always executable at AArch64 Secure EL1        |
 +================+=============================================================+
-| CVE ID         | CVE-2017-7563                                               |
+| CVE ID         | `CVE-2017-7563`_                                            |
 +----------------+-------------------------------------------------------------+
 | Date           | 06 Apr 2017                                                 |
 +----------------+-------------------------------------------------------------+
@@ -78,5 +78,6 @@ The vulnerability is mitigated by the following factors:
   mapped into the secure world is non-executable by setting the ``SCR_EL3.SIF``
   bit. See the ``el3_arch_init_common`` macro in ``el3_common_macros.S``.
 
+.. _CVE-2017-7563: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7563
 .. _Pull Request #662: https://github.com/ARM-software/arm-trusted-firmware/pull/662
 .. _Pull Request #924: https://github.com/ARM-software/arm-trusted-firmware/pull/924
index 9f304c63f98f4cab092bdd9c76e5b93a0ea9519c..386d0da07313257d52234fec68d96ba72af97dc6 100644 (file)
@@ -3,7 +3,7 @@
 |                | authentication of unexpected data in secure memory in       |
 |                | AArch32 state                                               |
 +================+=============================================================+
-| CVE ID         | CVE-2017-9607                                               |
+| CVE ID         | `CVE-2017-9607`_                                            |
 +----------------+-------------------------------------------------------------+
 | Date           | 20 Jun 2017                                                 |
 +----------------+-------------------------------------------------------------+
@@ -114,6 +114,7 @@ The vulnerability is known to affect all ARM standard platforms when enabling
 the ``TRUSTED_BOARD_BOOT`` and ``ARCH=aarch32`` build options.  Other platforms
 may also be affected if they fulfil the above conditions.
 
+.. _CVE-2017-9607: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9607
 .. _commit c396b73: https://github.com/ARM-software/arm-trusted-firmware/commit/c396b73
 .. _Pull Request #678: https://github.com/ARM-software/arm-trusted-firmware/pull/678
 .. _Pull Request #939: https://github.com/ARM-software/arm-trusted-firmware/pull/939
index 65256452ca8f28d6ed945b40e4d32e479ef665e7..4479bf027e051e22e117618905bedb2d07743c14 100644 (file)
@@ -2,7 +2,7 @@
 | Title          | Not initializing or saving/restoring ``PMCR_EL0`` can leak  |
 |                | secure world timing information                             |
 +================+=============================================================+
-| CVE ID         | CVE-2017-15031                                              |
+| CVE ID         | `CVE-2017-15031`_                                           |
 +----------------+-------------------------------------------------------------+
 | Date           | 02 Oct 2017                                                 |
 +----------------+-------------------------------------------------------------+
@@ -39,4 +39,5 @@ sensible default values in the secure context.
 The same issue exists for the equivalent AArch32 register, ``PMCR``, except that
 here ``PMCR_EL0.DP`` architecturally resets to zero.
 
+.. _CVE-2017-15031: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15031
 .. _Pull Request #1127: https://github.com/ARM-software/arm-trusted-firmware/pull/1127
index d04c575a7da594f1e7e85e6aab39783908ad48b0..eacdc7bcd1a198675c51ff51f9239ff996ac8497 100644 (file)
@@ -2,7 +2,7 @@
 | Title          | Not saving x0 to x3 registers can leak information from one |
 |                | Normal World SMC client to another                          |
 +================+=============================================================+
-| CVE ID         | CVE-2018-19440                                              |
+| CVE ID         | `CVE-2018-19440`_                                           |
 +----------------+-------------------------------------------------------------+
 | Date           | 27 Nov 2018                                                 |
 +----------------+-------------------------------------------------------------+
@@ -94,6 +94,7 @@ line 19 (referring to the version of the code as of `commit c385955`_):
         /* Save r0 - r12 in the SMC context */
         stm sp, {r0-r12}
 
+.. _CVE-2018-19440: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19440
 .. _commit c385955: https://github.com/ARM-software/arm-trusted-firmware/commit/c385955
 .. _SMC Calling Convention: http://arminfo.emea.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf
 .. _Pull Request #1710: https://github.com/ARM-software/arm-trusted-firmware/pull/1710
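
Review bot: the unchanged ``SMC Calling Convention`` target directly below the added ``CVE-2018-19440`` line points at ``http://arminfo.emea.arm.com/...``, a hostname that reads like an internal documentation server. Since this commit is about giving advisory readers working links, it is worth checking that this one resolves for external readers and replacing it with the public URL of the document if it does not.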