Lucene search

K
redhatcveRedhat.comRH:CVE-2023-52481
HistoryFeb 29, 2024 - 11:37 a.m.

CVE-2023-52481

2024-02-2911:37:11
redhat.com
access.redhat.com
8
linux
kernel
vulnerability
cortex-a520
speculative load
workaround
arm
cache side channel
tlbi
page table isolation
kaslr

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load might leak data from a privileged load via a cache side channel. The issue only exists for loads within a translation regime with the same translation (e.g. same ASID and VMID). Therefore, the issue only affects the return to EL0. The workaround is to execute a TLBI before returning to EL0 after all loads of privileged data. A non-shareable TLBI to any address is sufficient. The workaround isn’t necessary if page table isolation (KPTI) is enabled, but for simplicity it will be. Page table isolation should normally be disabled for Cortex-A520 as it supports the CSV3 feature and the E0PD feature (used when KASLR is enabled).

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%