TFMV-5: Add FWU buffer overflow advisory
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Change-Id: I61ef98f1c309f60c8895d71b3035ed5e52242c63
diff --git a/docs/security/security.rst b/docs/security/security.rst
index 0ec39bc..7f953a0 100644
--- a/docs/security/security.rst
+++ b/docs/security/security.rst
@@ -52,6 +52,11 @@
| |TFMV-3| | ``abort()`` function may not take effect in TF-M Crypto |
| | multi-part MAC/hashing/cipher operations. |
+------------+-----------------------------------------------------------------+
+| |TFMV-4| | NSPE may access secure keys stored in TF-M Crypto service |
+| | in Profile Small with Crypto key ID encoding disabled. |
++------------+-----------------------------------------------------------------+
+| |TFMV-5| | ``psa_fwu_write()`` may cause buffer overflow in SPE. |
++------------+-----------------------------------------------------------------+
.. _issue tracker: https://developer.trustedfirmware.org/project/view/2/
.. _mailing list: https://lists.trustedfirmware.org/mailman/listinfo/tf-m
@@ -59,6 +64,8 @@
.. |TFMV-1| replace:: :ref:`docs/security/security_advisories/stack_seal_vulnerability:Advisory TFMV-1`
.. |TFMV-2| replace:: :ref:`docs/security/security_advisories/svc_caller_sp_fetching_vulnerability:Advisory TFMV-2`
.. |TFMV-3| replace:: :ref:`docs/security/security_advisories/crypto_multi_part_ops_abort_fail:Advisory TFMV-3`
+.. |TFMV-4| replace:: :ref:`docs/security/security_advisories/profile_small_key_id_encoding_vulnerability:Advisory TFMV-4`
+.. |TFMV-5| replace:: :ref:`docs/security/security_advisories/fwu_write_vulnerability:Advisory TFMV-5`
.. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/
@@ -66,4 +73,4 @@
--------------
-*Copyright (c) 2020-2021, Arm Limited. All rights reserved.*
+*Copyright (c) 2020-2022, Arm Limited. All rights reserved.*