Tag Archives: CWE- 1298

CWE-1298 – Hardware Logic Contains Race Conditions

Read Time:36 Second

Description

A race condition in the hardware logic results in undermining security guarantees of the system.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-362

 

Consequences

Access Control: Bypass Protection Mechanism, Gain Privileges or Assume Identity, Alter Execution Logic

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Adopting design practices that encourage designers to recognize and eliminate race conditions, such as Karnaugh maps, could result in the decrease in occurrences of race conditions.

Phase: Implementation

Description: 

Logic redundancy can be implemented along security critical paths to prevent race conditions. To avoid metastability, it is a good practice in general to default to a secure state in which access is not given to untrusted agents.

CVE References