Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2023-52481

HistoryFeb 29, 2024 - 6:15 a.m.

CVE-2023-52481

2024-02-2906:15:46

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

arm cortex-a520

speculative unprivileged load

vulnerability

cache side channel

workaround

tlbi

translation regime

kpti

page table isolation

csv3 feature

e0pd feature

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load might leak data from a privileged load via a cache side channel. The issue only exists for loads within a translation regime with the same translation (e.g. same ASID and VMID). Therefore, the issue only affects the return to EL0. The workaround is to execute a TLBI before returning to EL0 after all loads of privileged data. A non-shareable TLBI to any address is sufficient. The workaround isn’t necessary if page table isolation (KPTI) is enabled, but for simplicity it will be. Page table isolation should normally be disabled for Cortex-A520 as it supports the CSV3 feature and the E0PD feature (used when KASLR is enabled).

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.1.64-1linux_6.1.64-1_all.deb
Debian11alllinux<= 5.10.209-2linux_5.10.209-2_all.deb
Debian10alllinux<= 4.19.249-2linux_4.19.249-2_all.deb
Debian999alllinux< 6.5.8-1linux_6.5.8-1_all.deb
Debian13alllinux< 6.5.8-1linux_6.5.8-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.1.64-1	linux_6.1.64-1_all.deb
Debian	11	all	linux	<= 5.10.209-2	linux_5.10.209-2_all.deb
Debian	10	all	linux	<= 4.19.249-2	linux_4.19.249-2_all.deb
Debian	999	all	linux	< 6.5.8-1	linux_6.5.8-1_all.deb
Debian	13	all	linux	< 6.5.8-1	linux_6.5.8-1_all.deb