7.5
CWE
200
Advisory Published
Updated

CVE-2017-5927: Infoleak

First published: Mon Feb 27 2017(Updated: )

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Allwinner A64
Amd Athlon Ii 640 X4
Amd E-350
Amd Fx-8120 8-core
Amd Fx-8320 8-core
Amd Fx-8350 8-core
Amd Phenom 9550 4-core
Intel Atom C2750
Intel Celeron N2840
Intel Core I5 M480
Intel Core I7-2620qm
Intel Core I7-3632qm
Intel Core I7-4500u
Intel Core I7-6700k
Intel Core I7 920
Intel Xeon E3-1240 V5
Intel Xeon E5-2658 V2
Nvidia Tegra K1 Cd570m-a1
Nvidia Tegra K1 Cd580m-a1
Samsung Exynos 5800

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203