Lucene search
HistoryOct 04, 2023 - 4:15 a.m.
CVE-2023-5370
cve-2023-5370
smccc
speculative execution
cpu 0
security vulnerability
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.2%
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0.
Affected configurations
Node
freebsdfreebsdMatch13.2-
| CPE | Name | Operator | Version |
|---|---|---|---|
| freebsd:freebsd | freebsd | eq | 13.2 |
CNA Affected
[
{
"defaultStatus": "unknown",
"modules": [
"arm64"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p4",
"status": "affected",
"version": "13.2-RELEASE",
"versionType": "release"
}
]
}
]Related
freebsd
freebsd
FreeBSD -- arm64 boot CPUs may lack speculative execution protections
2023-10-03 00:00:00
nvd
nvd
CVE-2023-5370
2023-10-04 04:15:15
prion
prion
Code injection
2023-10-04 04:15:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:14.smccc
2023-10-03 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2023-5370 arm64 boot CPUs may lack speculative execution protections
2023-10-04 03:59:45
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2023-5370