CVE-2023-34320 - Vulnerability Details - OpenCVE

Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Arm	Cortex-a77 Cortex-a77 Firmware
Xen	Xen

Configuration 1 [-]

AND

OR	cpe:2.3:o:arm:cortex-a77_firmware:r0p0:::::::*
	cpe:2.3:o:arm:cortex-a77_firmware:r1p0:::::::*

cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://xenbits.xenproject.org/xsa/advisory-436.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: XEN

Published: 2023-12-08T20:54:06.993Z

Updated: 2024-08-02T16:10:06.648Z

Reserved: 2023-06-01T10:44:17.064Z

Link: CVE-2023-34320

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-12-08T21:15:07.353

Modified: 2024-11-21T08:07:00.387

Link: CVE-2023-34320

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:r0p0:*:*:*:*:*:*:*", "matchCriteriaId": "C311AE89-6CD0-4EAD-BF0E-D96D566B4876", "vulnerable": true}, {"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:r1p0:*:*:*:*:*:*:*", "matchCriteriaId": "3917B78C-B6A4-4B02-BF41-78B0F70A6206", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*", "matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412\nwhere software, under certain circumstances, could deadlock a core\ndue to the execution of either a load to device or non-cacheable memory,\nand either a store exclusive or register read of the Physical\nAddress Register (PAR_EL1) in close proximity.\n"}, {"lang": "es", "value": "Los n\u00facleos Cortex-A77 (r0p0 y r1p0) se ven afectados por la errata 1508412 donde el software, bajo ciertas circunstancias, podr\u00eda bloquear un n\u00facleo debido a la ejecuci\u00f3n de una carga en el dispositivo o de una memoria no almacenable en cach\u00e9, y una lectura exclusiva de la tienda o del registro de el Registro de Direcciones F\u00edsicas (PAR_EL1) muy cerca."}], "id": "CVE-2023-34320", "lastModified": "2024-11-21T08:07:00.387", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-08T21:15:07.353", "references": [{"source": "security@xen.org", "tags": ["Third Party Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-436.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-436.html"}], "sourceIdentifier": "security@xen.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}