4.7

CVE-2023-52481

arm64: errata: Add Cortex-A520 speculative unprivileged load workaround

In the Linux kernel, the following vulnerability has been resolved:

arm64: errata: Add Cortex-A520 speculative unprivileged load workaround

Implement the workaround for ARM Cortex-A520 erratum 2966298. On an
affected Cortex-A520 core, a speculatively executed unprivileged load
might leak data from a privileged load via a cache side channel. The
issue only exists for loads within a translation regime with the same
translation (e.g. same ASID and VMID). Therefore, the issue only affects
the return to EL0.

The workaround is to execute a TLBI before returning to EL0 after all
loads of privileged data. A non-shareable TLBI to any address is
sufficient.

The workaround isn't necessary if page table isolation (KPTI) is
enabled, but for simplicity it will be. Page table isolation should
normally be disabled for Cortex-A520 as it supports the CSV3 feature
and the E0PD feature (used when KASLR is enabled).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 6.1.57
LinuxLinux Kernel Version >= 6.2 < 6.5.7
LinuxLinux Kernel Version6.6 Updaterc1
LinuxLinux Kernel Version6.6 Updaterc2
LinuxLinux Kernel Version6.6 Updaterc3
LinuxLinux Kernel Version6.6 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.6% 0.441
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 1.2 3.4
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/32b0a4ffcaea44a00a61e40c0d1bcc50362aee25
Patch
https://git.kernel.org/stable/c/471470bc7052d28ce125901877dd10e4c048e513
Patch
https://git.kernel.org/stable/c/6e3ae2927b432a3b7c8374f14dbc1bd9ebe4372c
Patch