Description
Aliased or mirrored memory regions in hardware designs may have inconsistent read/write permissions enforced by the hardware. A possible result is that an untrusted agent is blocked from accessing a memory region but is not blocked from accessing the corresponding aliased memory region.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality: Read Memory
Integrity: Modify Memory
Availability: DoS: Instability
Potential Mitigations
Phase: Architecture and Design, Implementation
Description:
The checks should be applied for consistency access rights between primary memory regions and any mirrored or aliased memory regions. If different memory protection units (MPU) are protecting the aliased regions, their protected range definitions and policies should be synchronized.
Phase: Architecture and Design, Implementation
Description:
The controls that allow enabling memory aliases or changing the size of mapped memory regions should only be programmable by trusted software components.