CVE-2023-34320 - OpenCVE

Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Arm	Cortex-a77 Cortex-a77 Firmware
Xen	Xen

Configuration 1 [-]

AND

OR	cpe:2.3:o:arm:cortex-a77_firmware:r0p0:::::::*
	cpe:2.3:o:arm:cortex-a77_firmware:r1p0:::::::*

cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

References

Link	Resource
https://xenbits.xenproject.org/xsa/advisory-436.html	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: XEN

Published: 2023-12-08T20:54:06.993Z

Updated: 2023-12-08T20:54:06.993Z

Reserved: 2023-06-01T10:44:17.064Z

Link: CVE-2023-34320

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-08T21:15:07.353

Modified: 2023-12-13T18:46:07.917

Link: CVE-2023-34320

JSON object: View

Redhat Information

No data.

CWE

CWE-667

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:r0p0:*:*:*:*:*:*:*", "matchCriteriaId": "C311AE89-6CD0-4EAD-BF0E-D96D566B4876", "vulnerable": true}, {"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:r1p0:*:*:*:*:*:*:*", "matchCriteriaId": "3917B78C-B6A4-4B02-BF41-78B0F70A6206", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*", "matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412\nwhere software, under certain circumstances, could deadlock a core\ndue to the execution of either a load to device or non-cacheable memory,\nand either a store exclusive or register read of the Physical\nAddress Register (PAR_EL1) in close proximity.\n"}, {"lang": "es", "value": "Los n\u00facleos Cortex-A77 (r0p0 y r1p0) se ven afectados por la errata 1508412 donde el software, bajo ciertas circunstancias, podr\u00eda bloquear un n\u00facleo debido a la ejecuci\u00f3n de una carga en el dispositivo o de una memoria no almacenable en cach\u00e9, y una lectura exclusiva de la tienda o del registro de el Registro de Direcciones F\u00edsicas (PAR_EL1) muy cerca."}], "id": "CVE-2023-34320", "lastModified": "2023-12-13T18:46:07.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-08T21:15:07.353", "references": [{"source": "security@xen.org", "tags": ["Third Party Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-436.html"}], "sourceIdentifier": "security@xen.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}