Read Time:26 Second
Description
The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality: Read Memory, Read Application Data
Potential Mitigations
Phase: Architecture and Design
Description:
CVE References
- CVE-2017-5754
- Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.