Vulnerabilites related to amd - phenom_9550_4-core
cve-2017-5925
Vulnerability from cvelistv5
Published
2017-02-27 07:25
Modified
2024-08-05 15:18
Severity ?
EPSS score ?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96452 | vdb-entry, x_refsource_BID | |
| http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | x_refsource_MISC | |
| https://www.vusec.net/projects/anc | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:48.768Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "96452", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96452", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vusec.net/projects/anc", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-27T00:00:00", descriptions: [ { lang: "en", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-03-01T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "96452", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96452", }, { tags: [ "x_refsource_MISC", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.vusec.net/projects/anc", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5925", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "96452", refsource: "BID", url: "http://www.securityfocus.com/bid/96452", }, { name: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", refsource: "MISC", url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { name: "https://www.vusec.net/projects/anc", refsource: "MISC", url: "https://www.vusec.net/projects/anc", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5925", datePublished: "2017-02-27T07:25:00", dateReserved: "2017-02-07T00:00:00", dateUpdated: "2024-08-05T15:18:48.768Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5927
Vulnerability from cvelistv5
Published
2017-02-27 07:25
Modified
2024-08-05 15:18
Severity ?
EPSS score ?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | x_refsource_MISC | |
| https://www.vusec.net/projects/anc | x_refsource_MISC | |
| http://www.securityfocus.com/bid/96459 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:48.841Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vusec.net/projects/anc", }, { name: "96459", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96459", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-27T00:00:00", descriptions: [ { lang: "en", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-03-01T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.vusec.net/projects/anc", }, { name: "96459", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96459", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5927", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", refsource: "MISC", url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { name: "https://www.vusec.net/projects/anc", refsource: "MISC", url: "https://www.vusec.net/projects/anc", }, { name: "96459", refsource: "BID", url: "http://www.securityfocus.com/bid/96459", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5927", datePublished: "2017-02-27T07:25:00", dateReserved: "2017-02-07T00:00:00", dateUpdated: "2024-08-05T15:18:48.841Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5926
Vulnerability from cvelistv5
Published
2017-02-27 07:25
Modified
2024-08-05 15:18
Severity ?
EPSS score ?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | x_refsource_MISC | |
| http://www.securityfocus.com/bid/96457 | vdb-entry, x_refsource_BID | |
| https://www.vusec.net/projects/anc | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:18:48.777Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { name: "96457", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96457", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.vusec.net/projects/anc", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2017-02-27T00:00:00", descriptions: [ { lang: "en", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-03-01T10:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { name: "96457", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96457", }, { tags: [ "x_refsource_MISC", ], url: "https://www.vusec.net/projects/anc", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-5926", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", refsource: "MISC", url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { name: "96457", refsource: "BID", url: "http://www.securityfocus.com/bid/96457", }, { name: "https://www.vusec.net/projects/anc", refsource: "MISC", url: "https://www.vusec.net/projects/anc", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-5926", datePublished: "2017-02-27T07:25:00", dateReserved: "2017-02-07T00:00:00", dateUpdated: "2024-08-05T15:18:48.777Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2017-02-27 07:59
Modified
2024-11-21 03:28
Severity ?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/96459 | ||
| cve@mitre.org | https://www.vusec.net/projects/anc | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96459 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vusec.net/projects/anc | Exploit, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| allwinner | a64 | - | |
| amd | athlon_ii_640_x4 | - | |
| amd | e-350 | - | |
| amd | fx-8120_8-core | - | |
| amd | fx-8320_8-core | - | |
| amd | fx-8350_8-core | - | |
| amd | phenom_9550_4-core | - | |
| intel | atom_c2750 | - | |
| intel | celeron_n2840 | - | |
| intel | core_i5_m480 | - | |
| intel | core_i7-2620qm | - | |
| intel | core_i7-3632qm | - | |
| intel | core_i7-4500u | - | |
| intel | core_i7-6700k | - | |
| intel | core_i7_920 | - | |
| intel | xeon_e3-1240_v5 | - | |
| intel | xeon_e5-2658_v2 | - | |
| nvidia | tegra_k1_cd570m-a1 | - | |
| nvidia | tegra_k1_cd580m-a1 | - | |
| samsung | exynos_5800 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:allwinner:a64:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8167A6-98BE-45D9-A333-A4DB8EE9BE43", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:athlon_ii_640_x4:-:*:*:*:*:*:*:*", matchCriteriaId: "4355B92A-F9A4-4DA0-9875-B0D8BD5541AC", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:e-350:-:*:*:*:*:*:*:*", matchCriteriaId: "CF28E516-87C3-48BF-ADCB-E89C41DB3E4C", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8120_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "53A9CAF2-DABC-4DD0-87B3-552C469835CC", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8320_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "5AC0369B-FB5E-48DF-B1E5-72BAD0A0CDEA", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8350_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "8519A289-6ADE-415A-AE6A-33FD68AFBDCE", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:phenom_9550_4-core:-:*:*:*:*:*:*:*", matchCriteriaId: "B51CAD25-267C-4BF2-B738-25B213FCDFD0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c2750:-:*:*:*:*:*:*:*", matchCriteriaId: "59CD7DDA-6DDA-47CF-9A75-AFA75B02A56F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*", matchCriteriaId: "3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5_m480:-:*:*:*:*:*:*:*", matchCriteriaId: "E92B12C0-E86A-44A0-B302-3CE721237726", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-2620qm:-:*:*:*:*:*:*:*", matchCriteriaId: "4A3B3752-79A3-45A8-8416-6DC1EA4A9E81", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-3632qm:-:*:*:*:*:*:*:*", matchCriteriaId: "09B0D125-332D-416D-A379-F0D7C1F9DA27", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-4500u:-:*:*:*:*:*:*:*", matchCriteriaId: "677C66EF-E9B9-430F-A19D-2D87AD83DBDB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFC55E4-D84D-4588-976D-1E2637B1BF0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7_920:-:*:*:*:*:*:*:*", matchCriteriaId: "FF0E91E0-F4B0-495A-80BA-B6B05E6F1760", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "51E0227B-8F2B-48B3-97BC-73BA1BACEED8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5-2658_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "661C05F6-8659-4C06-8AC5-7A25FFA52C2A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tegra_k1_cd570m-a1:-:*:*:*:*:*:*:*", matchCriteriaId: "C57EA6EC-A6B2-4A6A-A13C-EA86154DCA0C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tegra_k1_cd580m-a1:-:*:*:*:*:*:*:*", matchCriteriaId: "CA4020D9-99C1-4366-8377-8DD1A983381A", vulnerable: true, }, { criteria: "cpe:2.3:h:samsung:exynos_5800:-:*:*:*:*:*:*:*", matchCriteriaId: "36182055-4545-405C-8B39-CF5B87C014C7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, { lang: "es", value: "Los paseos de la tabla de páginas llevados a cabo por la MMU durante la traducción de la dirección virtual a física dejan un rastro en la caché de último nivel de los procesadores ARM modernos. Realizando un ataque de canal lateral en las operaciones de MMU, es posible perder datos y punteros de código de JavaScript, rompiendo la ASLR.", }, ], id: "CVE-2017-5927", lastModified: "2024-11-21T03:28:41.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-27T07:59:00.237", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/96459", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.vusec.net/projects/anc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/96459", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.vusec.net/projects/anc", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-27 07:59
Modified
2024-11-21 03:28
Severity ?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/96457 | ||
| cve@mitre.org | https://www.vusec.net/projects/anc | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96457 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vusec.net/projects/anc | Exploit, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| allwinner | a64 | - | |
| amd | athlon_ii_640_x4 | - | |
| amd | e-350 | - | |
| amd | fx-8120_8-core | - | |
| amd | fx-8320_8-core | - | |
| amd | fx-8350_8-core | - | |
| amd | phenom_9550_4-core | - | |
| intel | atom_c2750 | - | |
| intel | celeron_n2840 | - | |
| intel | core_i5_m480 | - | |
| intel | core_i7-2620qm | - | |
| intel | core_i7-3632qm | - | |
| intel | core_i7-4500u | - | |
| intel | core_i7-6700k | - | |
| intel | core_i7_920 | - | |
| intel | xeon_e3-1240_v5 | - | |
| intel | xeon_e5-2658_v2 | - | |
| nvidia | tegra_k1_cd570m-a1 | - | |
| nvidia | tegra_k1_cd580m-a1 | - | |
| samsung | exynos_5800 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:allwinner:a64:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8167A6-98BE-45D9-A333-A4DB8EE9BE43", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:athlon_ii_640_x4:-:*:*:*:*:*:*:*", matchCriteriaId: "4355B92A-F9A4-4DA0-9875-B0D8BD5541AC", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:e-350:-:*:*:*:*:*:*:*", matchCriteriaId: "CF28E516-87C3-48BF-ADCB-E89C41DB3E4C", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8120_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "53A9CAF2-DABC-4DD0-87B3-552C469835CC", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8320_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "5AC0369B-FB5E-48DF-B1E5-72BAD0A0CDEA", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8350_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "8519A289-6ADE-415A-AE6A-33FD68AFBDCE", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:phenom_9550_4-core:-:*:*:*:*:*:*:*", matchCriteriaId: "B51CAD25-267C-4BF2-B738-25B213FCDFD0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c2750:-:*:*:*:*:*:*:*", matchCriteriaId: "59CD7DDA-6DDA-47CF-9A75-AFA75B02A56F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*", matchCriteriaId: "3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5_m480:-:*:*:*:*:*:*:*", matchCriteriaId: "E92B12C0-E86A-44A0-B302-3CE721237726", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-2620qm:-:*:*:*:*:*:*:*", matchCriteriaId: "4A3B3752-79A3-45A8-8416-6DC1EA4A9E81", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-3632qm:-:*:*:*:*:*:*:*", matchCriteriaId: "09B0D125-332D-416D-A379-F0D7C1F9DA27", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-4500u:-:*:*:*:*:*:*:*", matchCriteriaId: "677C66EF-E9B9-430F-A19D-2D87AD83DBDB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFC55E4-D84D-4588-976D-1E2637B1BF0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7_920:-:*:*:*:*:*:*:*", matchCriteriaId: "FF0E91E0-F4B0-495A-80BA-B6B05E6F1760", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "51E0227B-8F2B-48B3-97BC-73BA1BACEED8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5-2658_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "661C05F6-8659-4C06-8AC5-7A25FFA52C2A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tegra_k1_cd570m-a1:-:*:*:*:*:*:*:*", matchCriteriaId: "C57EA6EC-A6B2-4A6A-A13C-EA86154DCA0C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tegra_k1_cd580m-a1:-:*:*:*:*:*:*:*", matchCriteriaId: "CA4020D9-99C1-4366-8377-8DD1A983381A", vulnerable: true, }, { criteria: "cpe:2.3:h:samsung:exynos_5800:-:*:*:*:*:*:*:*", matchCriteriaId: "36182055-4545-405C-8B39-CF5B87C014C7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, { lang: "es", value: "Los paseos de la tabla de páginas llevados a cabo por la MMU durante la traducción de la dirección virtual a física dejan un rastro en la caché de último nivel de los procesadores AMD modernos. Realizando un ataque de canal lateral en las operaciones de MMU, es posible perder datos y punteros de código de JavaScript, rompiendo la ASLR.", }, ], id: "CVE-2017-5926", lastModified: "2024-11-21T03:28:40.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-27T07:59:00.207", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/96457", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.vusec.net/projects/anc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/96457", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.vusec.net/projects/anc", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-02-27 07:59
Modified
2024-11-21 03:28
Severity ?
Summary
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | Exploit, Technical Description, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/96452 | ||
| cve@mitre.org | https://www.vusec.net/projects/anc | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96452 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vusec.net/projects/anc | Exploit, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| allwinner | a64 | - | |
| amd | athlon_ii_640_x4 | - | |
| amd | e-350 | - | |
| amd | fx-8120_8-core | - | |
| amd | fx-8320_8-core | - | |
| amd | fx-8350_8-core | - | |
| amd | phenom_9550_4-core | - | |
| intel | atom_c2750 | - | |
| intel | celeron_n2840 | - | |
| intel | core_i5_m480 | - | |
| intel | core_i7-2620qm | - | |
| intel | core_i7-3632qm | - | |
| intel | core_i7-4500u | - | |
| intel | core_i7-6700k | - | |
| intel | core_i7_920 | - | |
| intel | xeon_e3-1240_v5 | - | |
| intel | xeon_e5-2658_v2 | - | |
| nvidia | tegra_k1_cd570m-a1 | - | |
| nvidia | tegra_k1_cd580m-a1 | - | |
| samsung | exynos_5800 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:allwinner:a64:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8167A6-98BE-45D9-A333-A4DB8EE9BE43", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:athlon_ii_640_x4:-:*:*:*:*:*:*:*", matchCriteriaId: "4355B92A-F9A4-4DA0-9875-B0D8BD5541AC", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:e-350:-:*:*:*:*:*:*:*", matchCriteriaId: "CF28E516-87C3-48BF-ADCB-E89C41DB3E4C", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8120_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "53A9CAF2-DABC-4DD0-87B3-552C469835CC", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8320_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "5AC0369B-FB5E-48DF-B1E5-72BAD0A0CDEA", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:fx-8350_8-core:-:*:*:*:*:*:*:*", matchCriteriaId: "8519A289-6ADE-415A-AE6A-33FD68AFBDCE", vulnerable: true, }, { criteria: "cpe:2.3:h:amd:phenom_9550_4-core:-:*:*:*:*:*:*:*", matchCriteriaId: "B51CAD25-267C-4BF2-B738-25B213FCDFD0", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:atom_c2750:-:*:*:*:*:*:*:*", matchCriteriaId: "59CD7DDA-6DDA-47CF-9A75-AFA75B02A56F", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*", matchCriteriaId: "3826FEBA-0B2E-403D-9A6A-0DA02FEF9A2B", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i5_m480:-:*:*:*:*:*:*:*", matchCriteriaId: "E92B12C0-E86A-44A0-B302-3CE721237726", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-2620qm:-:*:*:*:*:*:*:*", matchCriteriaId: "4A3B3752-79A3-45A8-8416-6DC1EA4A9E81", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-3632qm:-:*:*:*:*:*:*:*", matchCriteriaId: "09B0D125-332D-416D-A379-F0D7C1F9DA27", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-4500u:-:*:*:*:*:*:*:*", matchCriteriaId: "677C66EF-E9B9-430F-A19D-2D87AD83DBDB", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*", matchCriteriaId: "EAFC55E4-D84D-4588-976D-1E2637B1BF0E", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:core_i7_920:-:*:*:*:*:*:*:*", matchCriteriaId: "FF0E91E0-F4B0-495A-80BA-B6B05E6F1760", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e3-1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "51E0227B-8F2B-48B3-97BC-73BA1BACEED8", vulnerable: true, }, { criteria: "cpe:2.3:h:intel:xeon_e5-2658_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "661C05F6-8659-4C06-8AC5-7A25FFA52C2A", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tegra_k1_cd570m-a1:-:*:*:*:*:*:*:*", matchCriteriaId: "C57EA6EC-A6B2-4A6A-A13C-EA86154DCA0C", vulnerable: true, }, { criteria: "cpe:2.3:h:nvidia:tegra_k1_cd580m-a1:-:*:*:*:*:*:*:*", matchCriteriaId: "CA4020D9-99C1-4366-8377-8DD1A983381A", vulnerable: true, }, { criteria: "cpe:2.3:h:samsung:exynos_5800:-:*:*:*:*:*:*:*", matchCriteriaId: "36182055-4545-405C-8B39-CF5B87C014C7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.", }, { lang: "es", value: "Los paseos de la tabla de páginas llevados a cabo por la MMU durante la traducción de la dirección virtual a física dejan un rastro en la caché de último nivel de los procesadores Intel modernos. Realizando un ataque de canal lateral en las operaciones de MMU, es posible perder datos y punteros de código de JavaScript, rompiendo la ASLR.", }, ], id: "CVE-2017-5925", lastModified: "2024-11-21T03:28:40.700", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-02-27T07:59:00.143", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/96452", }, { source: "cve@mitre.org", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.vusec.net/projects/anc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/96452", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Technical Description", "Third Party Advisory", ], url: "https://www.vusec.net/projects/anc", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }