Add change log

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2026-03-26 06:01:09 +01:00 · 2021-12-02 11:26:07 +01:00
parent 4c224fe3cc
commit e7a5e985ae
1 changed files with 5 additions and 0 deletions
--- a/ChangeLog.d/fix-cipher-iv.txt
+++ b/ChangeLog.d/fix-cipher-iv.txt
@@ -0,0 +1,5 @@
+Security
+   * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
+     from the output buffer. This fixes a potential policy bypass or decryption
+     oracle vulnerability if the output buffer is in memory that is shared with
+     an untrusted application.